Kubernetes Nodepools Explained
By: Date: 13/08/2021 Categories: azure Tags:

Introduction This article will explain and show the use cases for using Nodepools in Kubernetes: Describe nodepools. System and user nodepools: what are they? How can I use Labels and nodeSelector to schedule application pods on a particular nodepool? How can Taints and Tolerations be used to schedule only certain application pods on a nodepool?…

Read More →
Getting started with task networking on Amazon ECS with Windows containers
By: Date: 12/08/2021 Categories: AWS Tags:

In this post, we will walk through the steps for using awsvpc network mode for Windows containers running in Amazon ECS. Background: Previously, Windows tasks on Amazon ECS supported only default network mode, which relied on Docker’s default networking to set up the network stack for the containers. In the default network mode, all the containers are…

Read More →
How to set Azure blob for Immutable storage
By: Date: 01/08/2021 Categories: azure Tags: ,

Immutable storage for Azure blob that enables users to store business-critical data in a WORM (Write Once, Read Many) state. Immutable storage supports two types of policies:Time-based retention Legal holdSelect from Azure PortalTime-based retention Immutable storage supports two types of policies: Time-based retention Time-based retention allows users to add policies and store data for a…

Read More →
Amazon EKS now supports Kubernetes 1.21
By: Date: 18/07/2021 Categories: AWS Tags:

Kubernetes runtime changes and EKS In version 1.20, Kubernetes deprecated Dockershim, which allows Kubernetes to use Docker as a container runtime. Docker is still fully functional, but users will need to migrate to a different container runtime before support is removed in a future Kubernetes release. We’ve been hard at work making sure there is a…

Read More →
Power your genomic data analysis on Azure with Azure CycleCloud
By: Date: 10/07/2021 Categories: azure Tags:

Researchers around the world have access to a greater variety and volume of genomics data than ever before. Genomics is now available to a vast majority of researchers, pushing forward the discovery at a tremendous pace and changing people’s lives. This growth is happening because of the perfect storm between genomic testing and technological improvements….

Read More →
Limited Preview: New Azure VMs for confidential workloads
By: Date: 02/07/2021 Categories: azure Tags:

Today, we’re announcing the limited preview go-live of the DCsv3-series and DCdsv3-series Azure Virtual Machines, starting in the East US 2 region.  These VMs dramatically improve the state-of-the-art for confidential workloads. Based on Intel’s 3rd Gen Xeon Scalable Processor, we’ve increased encrypted memory by 1000x and increased CPU cores (up to 48 cores) for more performance….

Read More →
AWS App Mesh ingress and route enhancements
By: Date: 18/06/2021 Categories: AWS Tags:

App Mesh is a fully managed service mesh and provides a logical boundary for network traffic between the services that reside within it. App Mesh standardizes how your services communicate, giving you end-to-end visibility and ensuring high availability for your applications. App Mesh, along with enabling a rich set of capabilities to manage east-west, inter-service…

Read More →
Deploying Microsoft Defender for Endpoint on Linux Servers.
By: Date: 13/06/2021 Categories: azure Tags:

Hi IT Pro,   The following is step-by-step document for Defender for Endpoint Linux (MD ATP for Linux) deployment.  Let’s start your MD for Endpoint Linux deployment!  ________________________________ Microsoft Defender for Endpoint Linux (MD ATP)support for Linux with kernel version 3.10.0-327 or later, including the following Linux flavours :  Red Hat Enterprise Linux 7.2 or higher  CentOS 7.2 or higher  Ubuntu 16.04 LTS…

Read More →
Network Security Group Monitoring
By: Date: 09/06/2021 Categories: azure Tags:

Intro Brad Watts here to explore monitoring of your Network Security Groups (NSGs). I was approached recently by a customer wanting to better understand changes being made to the many NSGs in their environment. Working with them, we came up with an Azure Workbook that provides a centralized view of both current settings on your NSGs along with any changes that have been…

Read More →
VPN access to Azure from macOS with Azure Active Directory authentication
By: Date: 03/06/2021 Categories: azure Tags:

Whether you are using Microsoft Azure for development, for production workloads, or for both, it’s important to consider the security of the connections to those cloud systems. Virtual private networks are often used to encrypt traffic between a device and Azure using a private tunnel over the public internet – especially for information and systems…

Read More →
Deploying DDoS Protection Standard with Azure Policy
By: Date: 25/05/2021 Categories: azure Tags:

One of the most important questions customers ask when deploying Azure DDoS Protection Standard for the first time is how to manage the deployment at scale. A DDoS Protection Plan represents an investment in protecting the availability of resources, and this investment must be applied intentionally across an Azure environment. Creating a DDoS Protection Plan and…

Read More →
Azure WAF Custom Rule Samples and Use Cases
By: Date: 25/05/2021 Categories: azure Tags:

This post will detail how to use Custom Rules on Azure WAF, including some examples of common use cases fulfilled by this rule type. Custom Rules provide a versatile way to build controls that fulfill security requirements and protect applications from attacks that are unique to your applications. WAF Rule Types and Processing Azure WAF…

Read More →
Azure Firewall Manager Is Now Integrated with Azure Security Center
By: Date: 19/05/2021 Categories: azure Tags:

Introduction Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.  Azure Firewall Manager is a security management service that provides…

Read More →
Introducing AWS App Runner
By: Date: 18/05/2021 Categories: AWS Tags:

App Runner provides per-second execution billing and everything you need to run secure production workloads. With a few clicks, you can have a container running with a public endpoint, verified TLS certificate, and automatic scaling. Through App Runner, you can bring your existing containers, or use the integrated container build service to go directly from…

Read More →
Azure Storage — Attribute-based Access Control (ABAC) now available for preview
By: Date: 07/05/2021 Categories: azure Tags:

Attribute-based access control (ABAC) is an authorization strategy that defines access levels based on attributes associated with security principals, resources, requests, and the environment. Azure ABAC builds on role-based access control (RBAC) by adding conditions to Azure role assignments in the existing identity and access management (IAM) system. This preview includes support for role assignment conditions on Blobs…

Read More →
Action required: upgrade your AML cluster to Ubuntu 18.04 LTS by 30 April 2021
By: Date: 23/04/2021 Categories: azure Tags:

Azure Machine Learning (AML) is an enterprise grade service that provides compute infrastructure for your ML needs. Azure Machine Learning’s managed-compute infrastructure allows you to easily create a compute instance (CI) or a single or multi-node compute cluster. Starting 30 April 2021, Ubuntu is ending standard support for Ubuntu 16.04 LTS (read more on the Ubuntu release blog) and as a result, Microsoft will replace…

Read More →
Log Analytics Windows Agent for Winter 2021 now generally available
By: Date: 13/04/2021 Categories: azure Tags:

The Log Analytics Windows Agent for Winter 2021 is now available. This release contains a new troubleshooting tool andchanges to how the agent handles certificate changes in Azure Services. As always, we suggest using the latest agent available. If you have installed the Log Analytics Agent for Windows by using Azure extensions and have automatic extension updates turned on, this update…

Read More →
Introducing Packet Monitor
By: Date: 09/04/2021 Categories: azure Tags:

Network connectivity issues are often hard to diagnose. There are multiple machines involved in a single data transfer; at least two endpoints and a complex network infrastructure in the middle. Lately, with the introduction of network virtualization, more of the infrastructure capabilities like routing and switching are being integrated into the endpoints. The additional complexity in…

Read More →
General availability: Kubernetes v1.20 support in AKS
By: Date: 31/03/2021 Categories: azure Tags:

AKS support for Kubernetes release 1.20 is now generally available. Kubernetes 1.20 delivers a total of 42 enhancements in various stages of maturity. These include capabilities such as CSI Volume Snapshot graduating to stable, Kubectl Debug to Beta, and introduction of new capabilities such as Graceful Node Shutdown in Alpha. Learn more about Kubernetes release 1.20…

Read More →
Using VPC Traffic Mirroring to monitor and secure your AWS infrastructure
By: Date: 18/03/2021 Categories: AWS Tags:

VPC Traffic Mirroring is an AWS feature used to copy network traffic from the elastic network interface of an EC2 instance to a target for analysis. This makes a variety of network-based monitoring and analytics solutions possible on AWS. By capturing the raw packet data required for content inspection, VPC Traffic Mirroring enables agentless methods for…

Read More →
Using Service Principal with AzCopy & Azure CLI to manage blobs in Storage Account
By: Date: 06/03/2021 Categories: azure Tags:

In this blog we will look at using service principals with AzCopy and Azure CLI to connect to storage accounts and manage blob data. An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. This access is restricted by the roles assigned to the…

Read More →