Category Archives: Azure Security

Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell

Microsoft model for a scalable Cloud Adtoption is based on the Enterprise Scale Architecture and I think this is a scalable and useful modell for every customer that uses Azure ressources. It´s based on the definition to granulary devide the workloads in different subscriptions and gives via Management Groups the possibility to group this differnent subscription into workload groups like Development, Core, etc. I know many customers struggle with this model and mistakenly think that Enterprise Scale is a reference to Enterprise customers, but this is not the case.

Based on the Enterprise Scale Architecture some services and security features can only be activated on subscription level to guarante that each resource inside the subscription is secured. This basis makes it even more important for customers to consider the Enterprise Scale Architecture or to orient themselves towards it.

The Microsoft Defender for Cloud and especially the Defender for Server P1 and P2 plans can only be activated on subscription level in the past. Microsoft has decided to change this and now allow plans to be activated at resource level (per server). It is important to understand that the principled approach activating on Subscription Level and the Enterprise Scale architecture are still valid and needed and this possibility is only a concession to cover certain requirements:

  • manage security configurations at a lower hierarchy level
  • flexibility for excluding specific resources (VMs) inside the subscription
  • enable different plans on subscription because for implementation of Enterprise Scale approach
Continue reading Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell

Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Microsoft announced with Defender for Cloud Security Posture Management a new plan in the Defender for Cloud product family which focuses on a central view on the security posture of the customer.

In this article I will give a overview about which topics Defender for CSPM covers, how it will be enabled and how the pricing is actual working which holds some suprises if Defender for Servers is already in use.

Continue reading Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Speaking at Experts Live Netherlands 2023 about Mastering Defender for Servers

I´m really happy to announce that I will speak at the Experts Live Netherlands 2023 Spring edition. The last one was the 10th annivesary edition in Fall last year. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and because of the big Experts Live Europe will take place this year in autumn, the Orga Team decided to organize the 11 edition in spring.

Contents [show]

Session overview

This year, my session will be about the Mastering Defender for Servers. In this session I will focus on Defender for Servers to protect servers across hybrid and multicloud environments. So I dived into the different plans, feature sets, deployment methods and more. Futhermore I show as a side note the new Defender for CSPM Plan and explore how agentless scan methods works. Deploy defender for servers at scale will complete the view and enable the attendees to mastering defender for servers.

Motivation

I like the idea behind the Experts Live community and really looking forward to see many community members there, greats friends again and certainly make new contacts.
This year the edition is with 1,200 registrations sold out. The Keynote will be held by Dona Sarkar. So it is worth to be there

About Experts Live Netherlands

Experts Live is an international Microsoft community platform focusing on knowledge sharing through live events.

Every year Experts Live Netherlands organizes a large-scale one-day event where more than 1200+ IT Pros and Developers gain knowledge of Microsoft technology. National and international community experts update visitors on the latest Microsoft technologies in one day.

Slides

It was a pleasure to speak at 11th edition of the Experts Live Netherlands. With more then 1200 attendees is was one of my biggest in-person conferences in the last couple of months. Thanks to the organizers and sponsors who made this possible!

You can find the slides from my talk about Mastering Defender for Servers here. Please keep in mind that this slides was only for the Experts Live Event and I will improve the session based on the Feedback from the attendees.

Azure Firewall Basic SKU is now GA

Microsoft announces with the Azure Firewall Standard and Premium two native Firewall Services available as PaaS solution what are a great benefit to classic Firewall deployments, because of native Autoscaling Features, no need for VM Management and more. Unfortunately the price was to high for SMBs, with 900€ for the Standard and over 1200€ for the Premium Edition. A frequently requested Features, was a cheaper variant aimed at small and medium businesses.

This wish has been answered and last year October with the Azure Firewall Basic edition (public preview). The Azure Firewall Basic (AzFw Basic) has leaved the Public Preview and are now GA. The planned subscription must first be prepared before the deployment can begin with some Powershell commands.

Now Azure offers three different Azure Firewall solutions. The following table list the different SKUs and the price for using in West Europe (03/2023).

Microsoft has made some changes to deploy the Firewall Basic compared to the Firewall Standard and Premium SKU for better Service avalability. This article will give you a short overview of this changes.

Continue reading Azure Firewall Basic SKU is now GA

How I successfully passed the MS Defender for Cloud Ninja training and how the security community helped me

One of my goal this year was to work more and more with the Microsoft security solutions and got deeper into the different services and possibilities. My focus on this is to get a better understanding how we can secure our Hybrid Cloud environment with the different Microsoft defender products.

About the Microsoft Security Community

Continue reading How I successfully passed the MS Defender for Cloud Ninja training and how the security community helped me

Speaking at Cloud Brew 2022 about Azure Arc

After many hybrid events in the last few years I really like to get back to in-person or hybrid events to see the community live at the events and discuss and learn from each other about different projects and meet some new people.

About the Cloud Brew

One of my favorite conference in 2019 was the Cloud Brew in Belgium, it was a great conference because of different things:

  • Great list of speakers and sessions
  • Deep dive technical sessions
  • Big community from around europe
  • One of the biggest Azure related conference in belgium
  • Great place in the beautiful former brewery Lamot

The Cloud Brew 2022 will take place from 18/11/ – 19/11/2022 in Lamot, Mechelen in Belgium. There are some free seats available.

About my session

Continue reading Speaking at Cloud Brew 2022 about Azure Arc

My favorite Microsoft Ignite 2022 Fall Highlights

After the pandemic beguns Microsoft switched the both big conference Microsoft Build and Microsoft Ignite to virtual only events. The Ignite was two times a year in 2020 and 2021. For 2022 it was long time not clear will it go back to an in-person event or still stay as a virtual event.

The Microsoft Ignite 2022 has start 2 hours ago as an hybrid event delivered from Seattle with 6 Spotlight events around the globe and delivered as before virtually. I’m a little disappointed because a lot of the content is pre-recorded and even great speakers like Donovan Brown don’t hold their sessions live in Seattle but are only shown there virtually as well.

In this article I will share the important announcements from my perspective from the Microsoft Ignite 2022. Most of you know me as an Azure Governance, (Hybrid) Infrastructure and Security guy, so please forgive me for focusing on these things.

Continue reading My favorite Microsoft Ignite 2022 Fall Highlights

Azure Firewall Basic is available as Public preview

Microsoft announces with the Azure Firewall Standard and Premium two new Firewall Services available as PaaS solution what are a great benefit to classic Firewall deployments, because of native Autoscaling Features, no need for VM Management and more. Unfortunately the price was to high for SMBs, with 900€ for the Standard and over 1200€ for the Premium Edition. A frequently requested Features, was a cheaper variant aimed at small and medium businesses.

This wish has been answered and is now available in the form of the Azure Firewall Basic edition. The Azure Firewall Basic (AzFw Basic) is available as public preview and the planned subscription must first be prepared before the deployment can begin with some Powershell commands. This article will guide you through the setup process for a Hub and Spoke Network and the main difference between the three Azure Firewall editions.

Azure Firewall edition comparison

Microsoft already introduced the Azure Firewall as Standard Edition in 2018 and expanded it with numerous updates in 2019. The Firewall Manager followed at the end of 2019 to manage various Azure firewalls under one roof. Mid of 2021 Microsoft announced the Azure Firewall Premium edition and extend the capabilities compared to the standard edition by the following features: TLS Inspetion, IDPS, Web categories and URL Filerting.

The acceptance of the firewall has been high so far due to the numerous features and the fact that the firewall is provided as a PaaS solution. As an SMB solution, the prices called are too high and that is where the Basic Edition is now trying to attract attention.

The following table list the difference between the edition. Please note the Maximum throughput between the different edition. Azure Basic Firewall is limited at time of article of 2 VMs under the hood and a maximum troughput of 250 (maybe increase to GA).

Continue reading Azure Firewall Basic is available as Public preview

Microsoft will disable Legacy Authentication 1st of October 2022 – What this means and what you have to do

Many of my customers move to the cloud in the last recent years. This means for existing environments a start of a journey away from on-prem system going forward to cloud environments. We all know a journey starts with preperation and needs different steps and is always not a good idea to work on all systems together. But on the other hand, same system still exists in there old way and use sometimes old, unsecure protocols for communication and authentication.

To adress this issues Microsoft announce Septemper 2019 in a blog article “Improving security” the disabling of support for Basic authentication for the protocols like EWS, POP, IMAP and Remote Powershell. After the plan the corona crisis came up and Microsote decided to postpone the disabling of the noted protocols.

In September 2021 Microsoft released new information about this in the article “Basic authentication and Exchange Online” including some updated information. Microsoft will disable basic authentication beginning 1st of October 2022 for all protocols except SMTP auth. This means the following protocols will be disabled:

  • Exchange Web Services (EWS)
  • Exchange ActiveSync (EAS)
  • POP
  • IMAP,
  • Remote PowerShell
  • MAPI
  • RPC
  • OAB
Continue reading Microsoft will disable Legacy Authentication 1st of October 2022 – What this means and what you have to do

Speaking at Experts Live Netherlands 2022

The full event month of September is slowly coming to an end and what better way to end it than with a great Azure conference? I´m really happy to announce that I will speak at the Experts Live Netherlands. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and celebrates its 10th anniversary this year.

Continue reading Speaking at Experts Live Netherlands 2022