Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by proximagr

  1. Azure Virtual Network Gateway provides the ability to connect to your Azure Virtual Network with Azure Client VPN (SSL) connections using your Azure AD or hybrid identity, with Multi Factor Authentication (MFA) and your Conditional Access policies. We can have an Enterprise grade SSL VPN, with Active Directory authentication and Single Sign on (SSO) from your corporate laptops and apply all your conditional access policies, like MFA, Compliance devices, trused locations, etc. How to create the VPN Gateway Go to your Virtual Network’s subnets and create a Gateway subnet by clickin
  2. Compliance Report using Azure Policy Azure Policy is a powerful tool for Azure Governance. With Azure Policy we can define rules for all Azure Subscriptions the we manage. We can use this rules for simple limitation actions, like permitting only specific VM Series and Sizes that can be created and also more complex rule sets that helps you standardize the whole Azure deployment. At my previous posts, we learned How to limit the Azure VM Sizes and How to enforce tags for resources creation At the current post we will learn how to use Azure Policy to have a compliance report for our dep
  3. Excited to be speaking at Microsoft Ignite The Tour in Milan on Jan 27-28. Join me to learn how to use Azure Platform As A Service (PaaS) to design your apps with Elasticity, Resiliency & High Availability and how to Accelerate your web applications with the Azure Front Door Service. IT industry-leading conference is going to Milan. Don’t miss the very latest in cloud technologies and developer tools with guest speakers, industry experts, and more. I will deliver two sessions: A 45 minutes Breakthrough session, where I will talk about how to use Azure Platform as a Service (
  4. Global AI Bootcamp, Athens 2019 December 14, 2019 we proudly carried out the Global AI Bootcamp, Athens 2019! IT was a day full of AI and Microsoft Azure. The Global AI Bootcamp is a free one-day event organized across the world by local communities that are passionate about artificial intelligence on Microsoft Azure. After all preparations with the assistance of Stoiximan.gr, our sponsor, the day begun at Athinais Cultural Center, at Athens, Greece. From early morning our sponsor was there with us to prepare the venue. People start coming at 10:00 am and we checked-in 62 attendees. We start
  5. Spin up Azure HDInsight clusters on demand This is my Global AI Bootcamp, Athens 2019 Presentation with title: Spin up HDInsight clusters on demand for ETL, IoT, Data Science & Machine Learning At my presentation I explained with a hands-on demo, how to use Azure Data Factory to spin up on-demand Azure HDInsight clusters to make a process and automatically delete them once they provide the result. Download the PowerPoint Presentation: download link And watch the Demo: The post Spin up Azure HDInsight clusters on demand appeared first on Apostolidis IT Corner.
  6. At the previous post we created an Azure Front Door to scale our web apps across Azure Regions and also publish them only through the Front Door’s URL. At this post we will create Web Application Firewall (WAF) rules, to protect our web apps. To add WAF functionality to the Front Door we need first to create WAF rules and then attach them to the Front Door Create the WAF Rule From the Azure Marketplace search for WAF and create a Web Application Firewall At the “Create a WAF policy” wizard select “Global WAF (Front Door) for policy, provide the subscription and resource group, g
  7. Securely scale your Web Apps with Azure Front Door There is a big buzz out there about Azure Front Door. Is it a Load Balancer? A CDN? A Traffic Manager? A Web Application Firewall ? A Reverse Proxy? An Application Gateway? So, what is Azure Front Door? Azure Front Door actually is all the above and more. It is a global service, that routes web traffic based on performance and availability. A Layer 7 multi-region load balancer with Web Application Firewall (WAF) capabilities, DDoS protection & CDN. Azure Front Door is the entry point, the edge, of all Microsoft’s WAN. All Microsoft serv
  8. <h1 style="text-align: justify;">Azure Portal | Playing with Disk Snapshot</h1> <p style="text-align: justify;">Disk Snapshot is a powerful tool to manage Azure VMs. It’s simple to create and can help the administrators in various tasks. It’s a fast and efficient way to have a crash-consistent Disk of a Virtual Machine, before performing tasks, updates, configuration changes, application installations, etc. Of course the last line of defence is the Azure Backup, but using the Snapshot you don’t need to wait the whole Backup / Restore times. With snapshots there are two main o
  9. <p>Happy Friday! My blog post is featured at this week’s Friday Five!</p> <p>Check out this week’s <a href="https://techcommunity.microsoft.com/t5/Microsoft-MVP-Award-Program-Blog/Friday-Five-Azure-free-SMTP-relay-using-Sendgrid-Power-Platform/ba-p/894274">FridayFive section of the Microsoft MVP Award Program Blog!</a> My blog post about <a href="https://www.e-apostolidis.gr/microsoft/azure-free-smtp-relay-using-sendgrid/">using SendGrid for free SMTP relay from Azure</a> is featured !!!</p> <p id="swHBZZB"><img class="alignnone size-fu
  10. <h1>Azure Security Center</h1> <h2>Remediate security recommendations in 1 click</h2> <p>Azure Security Center provides unified security management and advanced threat protection across hybrid cloud workloads. Using advanced analytics, it helps you detect potentially malicious activity across your hybrid cloud workloads, and recommends potential remediation steps, which you can then evaluate, and take the necessary action.</p> <p id="DLQOMZB"><img class="alignnone size-full wp-image-2857 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09
  11. <h1>Azure Private Link | Private connection to Azure PaaS</h1> <p> </p> <p>Azure Private Link is a new service, currently in Preview, that provides private connectivity from a virtual network or an on-premises network with Site-2-Site VPN to Azure platform as a service (PaaS) Microsoft services. Azure Private Link makes the networking a lot more simple improving the security and eliminating the need for public access.</p> <p id="nAIxogs"><img class="alignnone size-full wp-image-2844 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_
  12. <p style="text-align: justify;">ExpressRoute is a Microsoft Azure service that provides a private connection between an organization’s on-premises infrastructure and Microsoft Cloud services, such as Microsoft Azure, Office 365, and Dynamics 365.</p> <p style="text-align: justify;">Microsoft Azure ExpressRoute was general available back on 2014. To connect to Azure ExpressRoute you need a direct line with an ExpressRoute provider. Now Microsoft announced that Microsoft cloud services can be accessed with Azure ExpressRoute using satellite connectivity, breaking the direct lin
  13. <h1 style="text-align: left;">Azure Policy | Enforce tags for resource creation</h1> <h2 style="text-align: justify;">Azure Governance</h2> <p style="text-align: justify;">After the previous post about <a href="https://www.e-apostolidis.gr/microsoft/azure-policy-limit-the-azure-vm-sizes/"target="_blank" rel="noopener noreferrer">how to use Azure Policy to limit the Azure VM sizes</a>, I continue the series of posts about Azure Governance with a video guide on how to enforce tags for resource creation. The idea is to explain through examples and how-to-
  14. <p>Σήμερα δημοσιεύτηκε η συνέντευξή μου με τίτλο “<span data-offset-key="900n3-0-0">Το Azure εξελίσσεται”</span> στο NetFax τεύχος #4230, <span data-offset-key="900n3-0-0"> όπου συζητάω για τις τάσεις που θα μας απασχολήσουν στο Microsoft Azure & το Cloud! </span></p> <p><img class="alignnone size-full wp-image-2796" src="https://www.e-apostolidis.gr/wp-content/uploads/2019/08/netfax4.jpg"alt="νετφαχ" width="568" height="1075" /></p> <p>Ευχαριστώ όλη την ομάδα που συνέβαλε για αυτήν την συνέντευξη & φυσικά <span data-offse
  15. <h1>Govern your Azure environment</h1> <p>It was a day full of Microsoft Azure and technology, from both IT Pro & Dev perspective. A sunny day at Athens, with a lot of fun. For sure we had a great time!</p> <p>You can download my Athens Azure Bootcamp 2019 presentation, Govern your Azure environment, from this <a href="https://papostolidisgr-my.sharepoint.com/:p:/g/personal/pantelis_e-apostolidis_gr/EUS8pnejNdNEhrm0GVe4qaYBkFH2s_ZZKqGh9AaDY0NTFw?e=nQaNSD">link</a>:<a href="https://papostolidisgr-my.sharepoint.com/:p:/g/personal/pantelis_e-aposto
  16. <h1>Azure Bastion – Jump Server as a Service</h1> <p>Azure Bastion is a new Azure Platform (PaaS) service, at this time is still in Preview, that allows to have RDP and SSH access to Virtual Machines inside a Virtual Network directly from the Azure Portal. This eliminates the need to expose the Virtual Machines RDP and SSH ports to the internet.</p> <p>The logic comes from the Jump Servers, but you don’t need to deploy any VMs and you don’t have to worry about the hardening. It all ready on Azure as a Service.</p> <p>A jump server is a hardened and mon
  17. Validate Azure Resource Move with Postman At this post we will see how easily we can move azure resources to new resource groups or subscriptions and how we can validate if the azure resources are eligible to move without initiate the move. Move Azure Resources to new resource groups or subscriptions Azure Resource Manager allow you to easily move resources to new resource groups or subscriptions. It is a pretty simple process. From the Azure Portal, open a Resource Group, and from the top options click Move. You can select if you want to move to another resource group or subscription. On the
  18. Azure VM CMD & PowerShell from the Portal Today I was trying to troubleshoot an Azure VM. This VM is behind a Network Virtual Appliance (NVA) and at the subnet it has User Defined Routes (UDR) that routes the traffic to the NVA. We was troubleshooting the NVA and it was not possible to connect with RDP to the VM. Serial Console This is an excellent scenario to use the Serial Console. From the Azure Portal, portal.azure.com, navigate to the Azure VMs blade, scroll down to the Support + Troubleshooting section and select “Serial Console” The Serial Console will initialise and after a while
  19. Azure Policy | Limit the Azure VM Sizes Azure Governance This post, Azure Policy, is the first of a series of posts about Azure Governance. The idea is to explain through examples and how-to-guides, the tools that Microsoft Azure provides to help the administrators to enforce rules to all subscriptions. Some examples of those rules are, to help the organizations to stay compliant with their corporate standards, to standardize the resources creation and management, to manage the permissions and access controls, etc. Azure Policy Azure Policy is a powerful tool for Azure Governance. With Azure P
  20. Get real insights about your Windows and Linux VMs & VMSSs performance and their dependencies with Azure Monitor. Integrate with Log Analytics for even more in depth analysis and retain the data over time. Health, Performance & Service Map of your VM in a dashboard. Deploy to Single VM For a single VM, go to the VMs blade, scroll down to the “Monitoring” section, select “Insights” and press “Try now” The Azure Monitor Insights Onboarding wizard will open. If your VM is already onboard at a Log Analytics workspace just click Enable. Otherwize select a Log Analytics workspace or create
  21. Azure Web Application Firewall (WAF) is a function of the Azure Application Gateway that detects and prevents exploits and attacks to a web application. Using a WAF we add an additional security layer in front of our application. To have a sneak peak at the most common web application attacks, take a look at the OWASP Top 10 Most Critical Web Application Security Risks . At my previous posts we have seen how to Protect your Web App using Azure Application Gateway Web Application Firewall and Use Log Analytics to Query the WAF Logs and email those logs to the Admins. At this post I want to shar
  22. At this post, we will create a Logic App that will query the Log Analytics workspace for the WAF logs of the last 24 hours and send the results in an email, using a free SendGrid account. A Web Application Firewall protects your application from common web vulnerabilities. Azure provides enterprise grade Web Application Firewall through the Application Gateway. You can read more at my previous post: https://www.e-apostolidis.gr/microsoft/azure/protect-your-web-application-with-azure-application-gateway-waf/ Use Log Analytics to Query the WAF Logs The Application Gateway WAF sends its logs to t
  23. Azure offers free smtp relay using the SendGrid application. SendGrid is a cloud service that provides email delivery and marketing campaigns. The specific offer is for up to 25.000 emails per month. Also this offers provides full reporting and analytics and 24/7 support. At this post we will see how to create a SendGrid free account that can be used for many purposes, like: Send emails through an application using the SendGrid API Send email campaigns, newsletters, etc using the SendGrid SMTP service At the Azure Portal, portal.azure.com, search for sendgrid and click the “SendGrid Email
  24. Working as a Cloud Consultant, Administrator, Architect, many companies will provide you guest (Azure AD B2B) access to their subscription. After completing the Admins of the subscriptions, many times, forget to remove this accesses and as a result you still have access to resources with no reason and also the list of your available subscriptions grows making it difficult to choose the right subscription to work. In this post we will walk through the steps of removing your account from those subscriptions. Since this is an identity matter, you need to login to the https://account.activedirecto
  • Create New...