Azure Firewall (Public Preview) Automation – Part 3

In  the previous article, we played a bit more advanced with PowerShell to pull over 1,000 malicious hosts from MDL (Malware Domain List) and then created Azure Firewall application rules accordingly. To get the list being up-to-date state, you may run the list in a periodical schedule or have a virtual machine with scheduler (e.g. Task Scheduler) to run your script. Another approach to be considered is Azure Automation to automate firewall rule creation and update.

In this article, we will look into deploying the PowerShell script in an automation runbook and schedule it to continuously maintain  firewall application rule.

(more…)

Azure Firewall (Public Preview) Automation – Part 1

When it comes to automation, there are number of scenarios which come to your mind. It may be simply using PowerShell to manage your Azure Firewall (e.g. getting Azure Firewall resources information, retrieving rule collection, adding a new rule or so on). More advanced, it can be a scheduled automation job running to continuously maintain Azure Firewall. And if we were to reflect to DevOps, the automation would be a CICD pipeline for the security operation team to deploy, maintain, update and monitor network/application rules continuously in a collaborative development environment.

The first article of Azure Firewall (Public Preview) Automation series, we will look into using Microsoft PowerShell in order to create, deploy and manage Azure Firewall resources.

(more…)

Azure Firewall Monitoring 101

My last article was to give you an overview of Azure Firewall – a managed firewall service Microsoft recently announced in public preview, and also guidance on how to set it up. There have been some positive feedbacks along with questions about monitoring Azure Firewall traffic. In fact, without monitoring, you wouldn’t know what would have happened in your network, specific to traffic gone through your firewall to the Internet

This article is going to give you guidance on how to monitor Azure Firewall traffic using Azure Log Analytics. This also gives you some sample queries which are hopefully helpful to your security monitoring plan.

(more…)

Quick look at Azure Firewall

When you’ve heard of cloud firewall, it’d be often referred to a back-end hardware based firewall to protect underlying cloud infrastructure from network attack. Azure Firewall is not an exceptional one. First time getting introduced, you’d think it’s kind of magical & intelligent firewall Microsoft is using to protect its huge cloud infrastructure all over the world. In fact, Azure Firewall is not that thought.  Azure Firewall is a managed service offered to customer cloud tenant to help them better control and manage network traffic in a single place.

Today Microsoft announced Azure Firewall being gone through public preview. This article is going to provide a quick look at Azure Firewall. It also gives a guidance on how to set up and test Azure Firewall.

(more…)

Microsoft MVP for the 8th year

I’m humbly excited today to have received an email from Microsoft saying that I’m awarded MVP.  The big change among the other times is the category which is Microsoft Azure. If you are an avid reader of my blog, you already knew that in my quick review of 2017 I shared my plan moving forward in 2018 which would strongly focus on Microsoft Azure.

(more…)

Defend your Azure virtual network with Defense In Depth strategy

Network is a heart of every system no matter where it is. If you happen to study OSI model, you would know how imperative it is to your system. Within a web application you write, for instance, before an HTTP request initiates, the network must be established first, then the HTTP request can hit to the application at Layer 7. With that in mind, when building a system on the cloud, we must protect the network.

There are several methodologies to getting started with protecting virtual network. In this article, I’d like to introduce Defense In Depth which is one of common security countermeasures to protect digital assets in a system. Like the title, this article gives you essential knowledge of defense in depth approach to defending your Azure virtual network.

(more…)

Quick look at Attack Simulator on Office 365

Brute-force attack and email phishing get their age, but never be considered old techniques in security. The two techniques target primarily to vulnerable system and especially to non-technical users who have no awareness of security. Specific to Office 365 which is widely being used by millions of people, the target to such a collaborative environment is exponentially increasing every day.

(more…)

© 2018 The Soldier of Fortune.