Multi-Factor Authentication (MFA) adds an important layer of security to Azure AD or Microsoft 365 accounts. For many, the Microsoft Authenticator app provides the needed second-factor for MFA. But that depends on a mobile device. In some cases, an employer may want to use an alternative to a cell phone or mobile device for MFA. This video looks at a Yubico Yubikey hardware token as an alternative to the Microsoft Authenticator app on a cell phone for Azure MFA.Continue reading “MFA Without the Authenticator App for Azure AD and Microsoft 365”
In this video, we deploy an Azure Recovery Services Vault to back up an Azure File share. Protecting data is critical. Azure Storage accounts offer data resiliency, but replicating copies of the data inside a data center, region or across regions. Replication provides real-time protection, but there is no way to recover a previous version of the data. This capability is critical with Azure File Shares, especially when storing user data such FSLogix Profiles. Azure Backup provides the ability to restore previous versions using Azure Storage Snapshots to create and manage Azure File recovery points.
To learn more about Azure Storage Accounts:
To learn more about Azure SMB Shares with Azure Files:
This video goes over two ways of restricting access to Microsoft Azures PaaS services; Service Endpoints and Private Endpoints. Both are used to restrict access to PaaS serviced, but work differently. The video gives an overview if the differences and then does a walkthrough of deploying Service Endpoints and Private Endpoints using an Azure Storage account as an example.Continue reading “Azure Virtual Networking Service Endpoints and Private Endpoints”
In this video, I walk through the prerequisites and setup of the new Azure Bastion Service for IaaS servers. Azure Bastion provides RDP and SSH access to Windows and Linux servers without the need for public IP’s or VPN connections. Access is enabled through the Azure portal with an HTML5 client.Continue reading “Azure Bastion Preview Setup Walk Through”
Adding most Windows Event Logs to Log Analytics is a straightforward process. Simply go to the Advanced properties in the Workspace > Windows Event Logs and start typing the name. A pre-populated list will appear as shown below. Selected the log and add it for collection. But what if the log you are looking for is not listed in Log Analytics? Continue reading “Collect Custom Windows Event Logs in Log Analytics”
Azure Traffic Manager is a global DNS service hosted in Azure. It extends the functionality of DNS beyond simple name to IP resolution, adding load balancing and advanced resolution features such as geo-fencing, weighted priority, performance, and source IP based name resolution.
Just as important to what it is, is what it is not. It is not an IP based Global Load Balancer. Traffic Manager does not handle IP session data, BGP or any other routing protocols. It is only an External DNS solution, it won’t work as an internal DNS solution. Continue reading “Azure Traffic Manager”
My first article posted at 4sysops on setting up an Azure Monitor workspace in Log Analytics and onboarding Servers.
Azure Automation Update Management is part of Azure Automation. In this video, I’m going over updating servers using Azure Automation Updates. Topics covered include: Continue reading “Update Management in Azure Automation”