In this video, I go over the difference between Azure Business to Business, or B2B, and Azure Business to Customer, or B2C. This is a high-level comparison between the two services for those getting ready for an Azure Certification or designing Azure solutions.
This video goes over how to deploy an Azure VNet Gateway on an existing VNet and enable Point-to-Site (P2S) VPN connections using Azure AD to authenticate the client. A P2S connection allows clients to connect securely to an Azure Gateway and access resources on the private VNet. The video goes on to demonstrate how to enable Multi-Factor Authentication with a Conditional Access policy or by enforcing MFA per-user.
I am happy to release an update to my Windows Virtual Desktop (WVD) Start-Stop script for Windows Virtual Desktop updated for Spring 2020, or “WVD ARM.” This script uses an Azure Function to start and stop WVD Session hosts in a host pool based on the user load.
This video goes over how to deploy an Azure VNet Gateway on an existing VNet and enable Point-to-Site (P2S) VPN connections. A P2S connection allows clients to connect securely to an Azure Gateway and access resources on the private VNet. The video goes on to demonstrate how to create a root certificate and client certificates to use for authentication. After that, configuring the client is demonstrated as well as blocking a client by revoking a certificate.
Azure Files SMB Access with Windows AD allows you to access file shares in Azure with NTFS access control. By default, that access won’t extend to an on-prem network over VPN or ExpressRoute. This video shows how to extend access to an Azure Files share with Windows AD to an on-premises network using Private Endpoints.
Azure Files allows you to access file shares in Azure, but until recently, use was restricted to RBAC permissions. Azure Files SMB Access for Azure AD Domain Services is generally available, and support for Windows AD is now in public preview. This video goes over how to enable Azure Files for SMB access secured with your on-premises Windows AD Directory Services.
Microsoft has a lot of options to view Azure log data in one form or another. There is the Security Center, Azure Sentinel, Log Analytics, and Insights. This is fine for an Azure-centric organization, but many organizations already have log collection systems in place, such as Splunk, and using multiple logging platforms is not efficient. This article walks through sending Azure AD and Office 365 logs to Splunk.
Azure Privileged Identity Management, or PIM, is a Microsoft service that enables management, control and monitoring of privileged access in Azure. In this video, I give you an introduction to Azure PIM. We go over the basics of onboarding a user to PIM, adding a user for active and eligible access, activating an eligible role, requiring an activation approval on a role and creating access reviews.