Tag Archives: Security

Enabling Azure Disk Encryption on Windows Server 2016 Server Core in Azure

Beside the Windows Server 2016 Datacenter image, Microsoft also provides an image with Windows Server 2016 Datacenter - Server Core in Azure. If you are using the Server Core image and want to enable Azure Disk Encryption for the VM, you will see the following error message. The official solution is described in the Azure documentation. -> https://docs.microsoft.com/en-us/azure/security/azure-security-disk-encryption-tsg#troubleshooting-windows-server-2016-server-core You Read more [...]

Does have ADE or SSE a performance impact on Azure IaaS VMs?

Before I begin to write about this topic, I want to clarify that the results are not an official statement by Microsoft. The opinions expressed herein are my own personal opinions and do not represent my employer’s view in anyway. Now we have clarified that, let us begin to talk about what ADE and SSE are in a short way. ADE stands for Azure Disk Encryption and is the volume-based encryption option Read more [...]

Using Veeam FastSCP with Azure VMs and self-signed certificates

When working with Azure VMs you have several options to copy files into your VMs. One tool I really like is Veeam FastSCP, because my Azure VMs are just dev / test machines and are neither part of an Active Directory nor I have a VPN connection with the my Azure Virtual Network. -> https://www.veeam.com/fastscp-azure-vm.html So I want a secure way to get files into my Azure VMs and here comes Read more [...]

Azure Germany services URLs and IP addresses for firewall or proxy whitelisting

When you are working with Azure Germany sometimes you have to whitelist specific IP address ranges or URLs in your corporate firewall or proxy to access all Azure services you are using or trying to use. Some information like the datacenter IP ranges and some of the URLs are easy to find. Other things are more complicated to find like calling IP addresses of specific Azure services or specific URLs. The Read more [...]

Using MFA in Azure Germany

Using multi-factor authentication as an additional security layer for your accounts in Azure Germany is very easy. Just login to the Azure Germany portal (https://portal.microsoftazure.de) with a Global Administrator account and jump to the Azure Active Directory blade. Next, click on Multi-Factor Authentication in the overview pane to access the MFA portal. There you can activate MFA for a single Read more [...]

Azure services URLs and IP addresses for firewall or proxy whitelisting

When you are working with Azure sometimes you have to whitelist specific IP address ranges or URLs in your corporate firewall or proxy to access all Azure services you are using or trying to use. Some information like the datacenter IP ranges and some of the URLs are easy to find. Other things are more complicated to find like calling IP addresses of specific Azure services or specific URLs. The Read more [...]

Microsoft Azure Network Security Group effective security rules evaluation

Ever faced the problem that you had defined rules in your Network Security Groups, attached one to the virtual subnet and the other one to the VM’s NIC and finally lost the view which rules of which NSG are applied to the VM? If you can answer the question with yes, then Azure provides the solution for it. A hidden gem: the effective security rules. The effective security rules evaluation can Read more [...]

Automated patching for Azure IaaS VMs with OMS update management

During my time at a Microsoft Partner before joining Microsoft and now at Microsoft, customers are asking me, if Microsoft does the patching of Azure IaaS VMs. The answer is no. But with the latest updates to the Update Management solution in the Operations Management Suite, you can now configure an automated patching schedule for your Azure IaaS VMs. -> https://azure.microsoft.com/en-us/documentation/articles/oms-solution-update-management/#installing-updates When Read more [...]

Review Cloud and Datacenter Conference Germany

On May 12th I had the honor to speak at the first Cloud and Datacenter Conference Germany about one of my favorite topics Azure IaaS especially the security part. The one day conference was an awesome event with a set of top international speakers from Microsoft Corp and the MVP community. Thanks to Kerstin and Carsten Rachfahl for such an awesome event. If you have missed to be on-site at CDC Germany, Read more [...]

Azure Disk Encryption is available for Windows VMs

Just in time before the weekend Microsoft announced the general availability of Azure Disk Encryption for Windows VMs in all Azure regions that are public available. -> https://blogs.msdn.microsoft.com/azuresecurity/2016/05/20/azure-disk-encryption-for-windows-virtual-machines-reaches-general-availability/ This is a huge milestone for keeping your data secure. All you need is an Azure Key Vault Read more [...]