Tag: Security

Failed to add new rule: IpSecurityRestriction.VnetSubnetResourceId is invalid.

This post is focused on a scenario where you are creating an Access Restriction rule in an Azure App Service to allow client requests from a subnet in a Virtual Network (VNET) and you get this error: Failed to add new rule: IpSecurityRestriction.VnetSubnetResourceId is invalid. For request GET https://management.azure.com/subscriptions/xxxxxx/resourceGroups/xxxxxx/providers/Microsoft.Network/virtualNetworks/xxxxxx/taggedTrafficConsumers?api-version=2018-01-01 with clientRequestId xxxxxx and correlationRequestId xxxxxx,…

Read the full article

Microsoft Ignite 2019 – Deliver Highly Available Secure Web Application Gateway and Web Application Firewall

Speaker: Amit Srivastava, Principal Program Manager, Microsoft Mission Critical HTTP Applications Always On Secure Scalable Telemetry Polygot – variety of backed, IaaS, PaaS, on-prem Many things to think about. What Azure Pieces Can We Use? WAG AFD CDN WAF Azure Load Balancer Azure Traffic Manager WAG Regional ADS as a service. A full reverse proxy.…

Read the full article

Microsoft Ignite 2019 – Building and Managing Distributed Micro-Perimeters With Azure Firewall

Speaker: Yair Tor, Principal Program Manager Azure Firewall Cloud native stateful firewall as a service. A first among public cloud providers. Central governance of all traffic flows Built in high availability and auto scale Network and application traffic filtering Centralized policy across VNets and subscriptions Complete VNet protection Filter outbound, inbound, spoke-spoke Centralized logging Best…

Read the full article

Microsoft Ignite 2019 – Securing Your Cloud Perimeter With Azure Network Security

Speaker: Sinead O’Donvan (Irish, by the accent) Zero Trust Architecture document 7 pillars: Identity Devices Data Apps Infrastructure Networking – the focus here Verify explicitly every access control Being on the network is not enough Use least privilege access IP address is not enough Assume breach No one is perfectly secure. Identify the breach. Contain…

Read the full article

Network Tunnel

Private Connections to Azure PaaS Services

In this post, I’d like to explain a few options you have to get secure/private connections to Azure’s platform-as-a-service offerings. Express Route – Microsoft Peering   ExpressRoute comes in a few forms, but at a basic level, it’s a “WAN” connection to Azure virtual networks via one or more virtual network gateways; Customers this private…

Read the full article

Migrating Azure Firewall To Availability Zones

Microsoft recently added support for availability zones to Azure firewall in regions that offer this higher level of SLA. In this post, I will explain how you can convert an existing Azure Firewall to availability zones. Before We Proceed There are two things you need to understand: If you have already deployed and configured Azure…

Read the full article

Cloud Camp 2018 – It’s A Wrap!

Yesterday, Cloud Camp 2018, run by MicroWarehouse and sponsored by Microsoft Surface and Veeam, ran in the Dublin Convention Centre here in Ireland. 4 tracks, 20 (mostly MVP) sessions, 2 keynotes, and hundreds of satisfied attendees. It was great fun – but we’re all a little tired today Photo by Gregor Reimling The message of…

Read the full article