Compliance Report using Azure Policy
Azure Policy is a powerful tool for Azure Governance. With Azure Policy we can define rules for all Azure Subscriptions the we manage. We can use this rules for simple limitation actions, like permitting only specific VM Series and Sizes that can be created and also more complex rule sets that helps you standardize the whole Azure deployment. At my previous posts, we learned How to limit the Azure VM Sizes and How to enforce tags for resources creation
Excited to be speaking at Microsoft Ignite The Tour in Milan on Jan 27-28. Join me to learn how to use Azure Platform As A Service (PaaS) to design your apps with Elasticity, Resiliency & High Availability and how to Accelerate your web applications with the Azure Front Door Service.
IT industry-leading conference is going to Milan. Don’t miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more.
I will deliver two sessions:
A 45 minute
Global AI Bootcamp, Athens 2019
December 14, 2019 we proudly carried out the Global AI Bootcamp, Athens 2019! IT was a day full of AI and Microsoft Azure. The Global AI Bootcamp is a free one-day event organized across the world by local communities that are passionate about artificial intelligence on Microsoft Azure.
After all preparations with the assistance of Stoiximan.gr, our sponsor, the day begun at Athinais Cultural Center, at Athens, Greece. From early morning our sponsor was there wi
Spin up Azure HDInsight clusters on demand
This is my Global AI Bootcamp, Athens 2019 Presentation with title:
Spin up HDInsight clusters on demand for ETL, IoT, Data Science & Machine Learning
At my presentation I explained with a hands-on demo, how to use Azure Data Factory to spin up on-demand Azure HDInsight clusters to make a process and automatically delete them once they provide the result.
Download the PowerPoint Presentation: download link
And watch the Demo:
The post Spin
At the previous post we created an Azure Front Door to scale our web apps across Azure Regions and also publish them only through the Front Door’s URL. At this post we will create Web Application Firewall (WAF) rules, to protect our web apps. To add WAF functionality to the Front Door we need first to create WAF rules and then attach them to the Front Door
Create the WAF Rule
From the Azure Marketplace search for WAF and create a Web Application Firewall
At the “Create a WAF poli
Securely scale your Web Apps with Azure Front Door
There is a big buzz out there about Azure Front Door. Is it a Load Balancer? A CDN? A Traffic Manager? A Web Application Firewall ? A Reverse Proxy? An Application Gateway?
So, what is Azure Front Door?
Azure Front Door actually is all the above and more. It is a global service, that routes web traffic based on performance and availability. A Layer 7 multi-region load balancer with Web Application Firewall (WAF) capabilities, DDoS protection
Μόλις έλαβα το πρώτο μου Microsoft Azure MVP award! Νοιώθω χαρούμενος και περήφανος που η προσπάθεια και η προσφορά μου στην κοινότητα ανταμείβεται. Πιστεύω στην κοινότητα και στον διαμοιρασμό της γνώσης και αυτό με έχει βοηθήσει πολύ στην ζωή μου και και εγώ με τη σειρά μου προσπαθώ να βοηθήσω στο μέγιστο. Όλα ξεκινάνε με αυτό το υπέροχο email Congratulations! We are extremely pleased to present you with the 2018-2019 Microsoft Most Valuable Professional (MVP) Award! This award is given to exce
Καλησπέρα στην κοινότητα. Μια ακόμα αναμέτρηση με το τέρας του Exchange. Έχουμε και λέμε, εγκατάσταση με Exchange Server 2010, έχω ρυθμίσει Hybrid με Office 365, DirSync, όλα καλά. Έχουν πάει επάνω users, contacts, distribution groups, mail contacts, έχω περάσει και Mail-Enabled Public Folders όλα καλά. Έλα όμως που στα Distribution Group members ενώ έχουν συγχρονίσει όλα τα members δεν έχει φέρει τους Mail-Enabled Public Folders. Τελικά μετά από ψάξιμο και διάφορα περίπλοκα PowerShell scripts ε
Bulletproof manage your Azure VMs Continuing the Azure Security Center posts, today we will see a new feature of the Security Center, called Just in Time VM Access. As best security practice, all the management ports of a Virtual Machine should be closed using Network Security Groups. Only the ports required for any published services should be opened, if any. However there are many occasions that we are requested to open a management port for administration or a service port for some tests for
Use Service Endpoints to protect an Azure Storage Account inside an Azure Azure Virtual Network As we have already saw at a previews post, we can use the Service Endpoints to protect an Azure SQL Server inside an Azure Virtual Network. Today we will see how we can protect a Storage Account. First we need to enable the Microsoft.Storage Service Endpoint to an existing Virtual Network or create a new Virtual Network and enable it. At this port I am creating a new Virtual Network, so at the Azure P
<p>Lets say you have an Office 365 account and cloud only users with mailboxes and now you decide that you want to sync it and match the Office 365 users with your Active Directory users.</p> <p>I prepared a lab with one DC and I created a trial Office 365 E3 account with custom domain. I created users with the same username to both. At Active Directory I set the UPN to match the Office 365 user name and also added the email address.</p> <p>Next I enabled directory
Get real insights about your Windows and Linux VMs & VMSSs performance and their dependencies with Azure Monitor. Integrate with Log Analytics for even more in depth analysis and retain the data over time. Health, Performance & Service Map of your VM in a dashboard. Deploy to Single VM For a single VM, go to the VMs blade, scroll down to the “Monitoring” section, select “Insights” and press “Try now” The Azure Monitor Insights Onboarding wizard will open. If your VM is already onboard
<p>Happy Friday! My blog post is featured at this week’s Friday Five!</p> <p>Check out this week’s <a href="https://techcommunity.microsoft.com/t5/Microsoft-MVP-Award-Program-Blog/Friday-Five-Azure-free-SMTP-relay-using-Sendgrid-Power-Platform/ba-p/894274">FridayFive section of the Microsoft MVP Award Program Blog!</a> My blog post about <a href="https://www.e-apostolidis.gr/microsoft/azure-free-smtp-relay-using-sendgrid/">using SendGrid for free SMTP relay fr
<h1 style="text-align: justify;">Azure Portal | Playing with Disk Snapshot</h1> <p style="text-align: justify;">Disk Snapshot is a powerful tool to manage Azure VMs. It’s simple to create and can help the administrators in various tasks. It’s a fast and efficient way to have a crash-consistent Disk of a Virtual Machine, before performing tasks, updates, configuration changes, application installations, etc. Of course the last line of defence is the Azure Backup, but using the S
<p>Σήμερα δημοσιεύτηκε η συνέντευξή μου με τίτλο “<span data-offset-key="900n3-0-0">Το Azure εξελίσσεται”</span> στο NetFax τεύχος #4230, <span data-offset-key="900n3-0-0"> όπου συζητάω για τις τάσεις που θα μας απασχολήσουν στο Microsoft Azure & το Cloud! </span></p> <p><img class="alignnone size-full wp-image-2796" src="https://www.e-apostolidis.gr/wp-content/uploads/2019/08/netfax4.jpg"alt="νετφαχ" width="568" height="1075" /></p> <
At this post, we will create a Logic App that will query the Log Analytics workspace for the WAF logs of the last 24 hours and send the results in an email, using a free SendGrid account. A Web Application Firewall protects your application from common web vulnerabilities. Azure provides enterprise grade Web Application Firewall through the Application Gateway. You can read more at my previous post: https://www.e-apostolidis.gr/microsoft/azure/protect-your-web-application-with-azure-application-
<h1 style="text-align: left;">Azure Policy | Enforce tags for resource creation</h1> <h2 style="text-align: justify;">Azure Governance</h2> <p style="text-align: justify;">After the previous post about <a href="https://www.e-apostolidis.gr/microsoft/azure-policy-limit-the-azure-vm-sizes/"target="_blank" rel="noopener noreferrer">how to use Azure Policy to limit the Azure VM sizes</a>, I continue the series of posts about Azure Governance with a video gui
<p style="text-align: justify;">ExpressRoute is a Microsoft Azure service that provides a private connection between an organization’s on-premises infrastructure and Microsoft Cloud services, such as Microsoft Azure, Office 365, and Dynamics 365.</p> <p style="text-align: justify;">Microsoft Azure ExpressRoute was general available back on 2014. To connect to Azure ExpressRoute you need a direct line with an ExpressRoute provider. Now Microsoft announced that Microsoft cloud se
Azure Web Application Firewall (WAF) is a function of the Azure Application Gateway that detects and prevents exploits and attacks to a web application. Using a WAF we add an additional security layer in front of our application. To have a sneak peak at the most common web application attacks, take a look at the OWASP Top 10 Most Critical Web Application Security Risks . At my previous posts we have seen how to Protect your Web App using Azure Application Gateway Web Application Firewall and Use
Use Azure Security Center to protect your workloads At this series of posts we will make a walk along the Azure Security Center, to see some common usage scenarios. Like how we can use it to protect from a Virtual Machine to a whole Data Center. To make it easier to understand we will start with a typical Azure IaaS scenario. A Virtual Machine with IIS role to act as Web Server. The steps to create the VM is out this post’s scope. I will simply describe the process. First we create a Windows Ser
<p>Azure blob storage is billed based to how much data you use. So you can have an 1023 GB disk but if you use only 20 GB you will be billed for 20 GB. But, <img src="https://s.w.org/images/core/emoji/72x72/1f642.png"alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /> , if you write more data, lets say 50 GB and then you erase them, the free space will not automatically be released.</p> <p>sandrinodimattia, https://github.com/sandrinodimattia, released an
Protect your Web App using Azure Application Gateway Web Application Firewall Web Application Firewall was always a big investment for a small or growing company as most of the top branded companies are charging a lot of money A Web Application Firewall protects your application from common web vulnerabilities and exploits like SQL Injection or Cross site scripting. Azure provides enterprise grade Web Application Firewall through the Application Gateway. It comes in two pricing models, Medium a
Azure File Sync & DFS Namespace Azure File Sync is a new Azure feature, still in preview, that allows to sync a folder between your local file server and Azure Files. This way your files are accessible both locally at your file server and publicly at Azure Files using an SMB 3.0 client. Also the files can be protected online using Azure Backup. The idea of this post is to have the files of two file servers to sync to Azure Files using Azure File Sync and in addition use the DFS Namespace fea
Create Azure File Shares at your ARM template using PowerShell Using Azure Resource Manage template deployment, you can create a Storage account but you cannot create File Shares. Azure File Shares can be created using the Azure Portal, the Azure PowerShell or the Azure Cli. Mainly, the idea is to run a PowerShell script that will create the File Shares. This script will be invoked inside the ARM Template. In order to use a PowerShell script from a template, the script must be called from a URL.
SQL Failover Cluster with AlwaysOn Availability Groups
Αυτό είναι το δεύτερο Post της τριλογίας SQL Failover Cluster with AlwaysOn Availability Groups. Είναι η ώρα της SQL.
Windows Server 2012 R2 Failover Cluster with FreeNAS 9.3 (Page 1, Page 2)
Microsoft SQL 2012 on Failover Cluster (Page 1, Page 2, Page 3)
Add AlwaysOn AG to SQL Failover Cluster Instance (Page 1, Page 2, Page 3)
Microsoft SQL 2012 on Failover Cluster (Page 2)
Και έχουμε έναν διαθέσιμο δίσκο στο Cluster μας