Tag: azure defense in depth

Defend your Azure virtual network with Defense In Depth strategy

Network is a heart of every system no matter where it is. If you happen to study OSI model, you would know how imperative it is to your system. Within a web application you write, for instance, before an HTTP request initiates, the network must be established first, then the HTTP request can hit to the application at Layer 7. With that in mind, when building a system on the cloud, we must protect the network.

There are several methodologies to getting started with protecting virtual network. In this article, I’d like to introduce Defense In Depth which is one of common security countermeasures to protect digital assets in a system. Like the title, this article gives you essential knowledge of defense in depth approach to defending your Azure virtual network.

(more…)

Quick notes about self-signed certificate with Point-to-Site Azure VPN

Connecting directly through RDP to your system is not recommended in a practical security. It is because the RDP connection goes through the Internet which is weak. To add more extra layer of security, you should set up a jump virtual machine (as known as bastion host) which connects privately to your system via Point-to-site VPN. The illustration below shows you the setup target. In this setup, there is a virtual machine which resides in a different virtual network to connect to your private network. There is a Point-to-site connection between the jump virtual network and your private virtual network to secure the connection.

(more…)

© 2018 The Soldier of Fortune.