Tag: azure security

Azure Firewall (Public Preview) Automation – Part 3

In  the previous article, we played a bit more advanced with PowerShell to pull over 1,000 malicious hosts from MDL (Malware Domain List) and then created Azure Firewall application rules accordingly. To get the list being up-to-date state, you may run the list in a periodical schedule or have a virtual machine with scheduler (e.g. Task Scheduler) to run your script. Another approach to be considered is Azure Automation to automate firewall rule creation and update.

In this article, we will look into deploying the PowerShell script in an automation runbook and schedule it to continuously maintain  firewall application rule.

(more…)

Azure Firewall (Public Preview) Automation – Part 1

When it comes to automation, there are number of scenarios which come to your mind. It may be simply using PowerShell to manage your Azure Firewall (e.g. getting Azure Firewall resources information, retrieving rule collection, adding a new rule or so on). More advanced, it can be a scheduled automation job running to continuously maintain Azure Firewall. And if we were to reflect to DevOps, the automation would be a CICD pipeline for the security operation team to deploy, maintain, update and monitor network/application rules continuously in a collaborative development environment.

The first article of Azure Firewall (Public Preview) Automation series, we will look into using Microsoft PowerShell in order to create, deploy and manage Azure Firewall resources.

(more…)

Quick look at Azure Firewall

When you’ve heard of cloud firewall, it’d be often referred to a back-end hardware based firewall to protect underlying cloud infrastructure from network attack. Azure Firewall is not an exceptional one. First time getting introduced, you’d think it’s kind of magical & intelligent firewall Microsoft is using to protect its huge cloud infrastructure all over the world. In fact, Azure Firewall is not that thought.  Azure Firewall is a managed service offered to customer cloud tenant to help them better control and manage network traffic in a single place.

Today Microsoft announced Azure Firewall being gone through public preview. This article is going to provide a quick look at Azure Firewall. It also gives a guidance on how to set up and test Azure Firewall.

(more…)

Defend your Azure virtual network with Defense In Depth strategy

Network is a heart of every system no matter where it is. If you happen to study OSI model, you would know how imperative it is to your system. Within a web application you write, for instance, before an HTTP request initiates, the network must be established first, then the HTTP request can hit to the application at Layer 7. With that in mind, when building a system on the cloud, we must protect the network.

There are several methodologies to getting started with protecting virtual network. In this article, I’d like to introduce Defense In Depth which is one of common security countermeasures to protect digital assets in a system. Like the title, this article gives you essential knowledge of defense in depth approach to defending your Azure virtual network.

(more…)

Getting Azure AD access token via REST Call

Part of Azure experiment, one of my colleagues started playing with Azure API Management last week. He was interested with what I introduced about the service, including API gateway, API publishing portal to readable policies to manipulate inbound request before back-end hit. He also loved to work with API call via REST because API is a flexible way of touching Azure resources through pure HTTP request, without installing any specific library.

(more…)

Connect to Azure AD using Microsoft Account with PowerShell

Microsoft Account is considered not an internal account given to Microsoft employee. Microsoft account is associated to external services such as Live Mail, Skype, Xbox or so on. When connecting to Azure AD with Microsoft Account (e.g. LiveID) , you might be get started with Connect-AzureAD  to get the tenant ID. Below screen is what you might get.

(more…)

A little more about hardened Azure VM deployment

One of my Azure security related articles provided step-by-step guidance on how to use Azure Automation with Desired State Configuration (DSC) to deploy security policy on multiple Azure VMs. Instead of clear explanation, the article was just written in a format of step-by-step. Hence, I’ve received some requests to elaborate more about this article so it is fully useful to readers. If you haven’t had a chance to read the article, here you go.

(more…)

© 2018 The Soldier of Fortune.