| |
| 🔗 Stories, Tutorials & Articles |
| |
|
| |
| PowerShell Remoting on Windows using Airflow |
| |
| |
In this article, the author explains how to use Apache Airflow for orchestration of Windows jobs through PowerShell Remoting on Windows using WinRM (Windows Remote Management).
To ensure security, the author recommends using the Just-Enough-Administration (JEA) framework, which is essentially a more advanced version of sudo and allows you to use PowerShell as an API, limiting the remote management interface to a defined set of commands and executing as a specific user.
The author explains how to register a JEA configuration and make it available to Airflow by creating a role capabilities file. The author also mentions the steps to add the PowerShell Remoting Protocol Provider to Airflow and the necessary Python packages to be installed, including apache-airflow-providers-microsoft-psrp, gssapi and krb5.
They conclude by noting that when WinRM is used with an HTTP listener, Kerberos authentication can be used to secure the communication, acting as a trusted third party, supplanting the use of SSL/TLS. |
|
| |
|
| |
|
| |
| Compliance Policy for Azure Virtual Desktop Session Host Virtual machine managed via Microsoft Intune |
| |
| |
The article is about how to use Microsoft Intune Compliance Policy to manage the security and compliance of Azure Virtual Desktop (AVD) Session Host virtual machines.
It explains the steps to set up an Intune Compliance Policy, the reasons why organizations create such policies, the compliance policies supported by Azure Virtual Desktop, and the configuration options. The article also covers the process of creating the compliance policy and monitoring device compliance for AVD Session Host virtual machines. |
|
| |
|
| |
|
| |
| Track IP addresses consumption with Azure Application Insights |
| |
| |
| The article is about automating the tracking of Azure Virtual Network IP addresses consumption every 30 minutes through a Timer Trigger Azure Function App. The Azure Function will be deployed through Bicep, which is a domain-specific language that uses declarative syntax to deploy Azure resources and offers the best authoring experience for infrastructure-as-code solutions in Azure. The article is a continuation from part 1 where it showed how to send a custom event telemetry to an Azure Application Insights instance through PowerShell. |
|
| |
|
|
| |
|
| |
| Scale Azure Firewall SNAT ports with NAT Gateway for large workloads |
| |
| |
In order to deal with outbound connectivity issues encountered when handling large scale outbound traffic in Azure, NAT Gateway can be used in combination with Azure Firewall. Azure Firewall inspects, secures, and conceals the original client IP address of all outbound internet traffic using SNAT (Source Network Address Translation). However, large-scale environments can experience SNAT port exhaustion, where all available SNAT ports run out.
This can be solved by using NAT Gateway, which provides a large SNAT port inventory with fewer public IPs and is designed to handle dynamic and large-scale workloads by allocating SNAT ports on demand and randomly selecting them. NAT Gateway also provides 50 Gbps of data throughput for outbound traffic and ensures that all outbound traffic is secure by subjecting inbound traffic to security rules set on Azure Firewall.
To set up NAT Gateway with Azure Firewall, the firewall should be deployed to a subnet within the virtual network, and the NAT Gateway should be attached to the Firewall subnet and given up to 16 public IP addresses. |
|
| |
|
| |
|
| |
| Automate your attack response with Azure DDoS Protection solution for Microsoft Sentinel |
| |
| |
Azure DDoS Protection Solution for Microsoft Sentinel is a security solution offered by Microsoft Azure to help organizations protect their resources and applications from DDoS (Distributed Denial of Service) attacks.
Azure DDoS Protection Solution for Sentinel provides a single consumable solution package that includes an Azure DDoS Protection data connector and workbook, alert rules to retrieve the source of the DDoS attack, and a remediation IP playbook that automatically creates remediation in Azure Firewall to block the source of the attack. The solution is integrated with Microsoft Sentinel, a cloud-native security information and event management (SIEM) solution, to provide a centralized view of the attack landscape and automate the response to mitigate sophisticated attacks.
The solution is initially released for Azure Firewall and will be enhanced to support Azure Web Application Firewall (WAF) soon. The flexibility of the solution allows customers to use it with any firewall as long as it has a Sentinel Playbook. The solution provides an automated response to mitigate DDoS attacks and provides better security for organizations by blocking possible new attack vectors in other security products. |
|
| |
|
| |
👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community. |
