Category Archives: Zero Trust

Allgemein, Azure Active Directory, Azure Security, Cloud, Microsoft, Zero Trust

Microsoft enforces MFA requirements for user login to Azure portal for all tenants

Leave a comment

Password spray attacks on accounts have increased rapidly in recent months. As a result, the security risks for accounts that do not use MFA for authentication have increased significantly. Microsoft works in the past on different ways to enable MFA for all users they work with Azure and Microsoft 365. One first try was the activation of security defaults, but this can be deactivated by user.

Based on this development and for other reason Microsoft announced the enforcement for Mutlifactor authentication for all sign-in/access to the Azure Portal. This announcement was a little suprise and bringe some challenges to organization espesically when we take a look at service principals and break glass accounts. Don´t get me wrong, it is mandatory to enable MFA for all users they access your tenant and have a valid and regulary reviewed Conditional Access policy in place. But for some special accounts this was not the focus or recommended. In this article I will explain how Microsoft rollouts this enforcement which steps you have to proof and how you can ensure that you are not affected or prepared for the upcoming changes.

Continue reading Microsoft enforces MFA requirements for user login to Azure portal for all tenants
Allgemein, Azure Security, Azure VM, Cloud, Defender for Cloud, Microsoft, Windows Server, Zero Trust

Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell

Leave a comment

Microsoft model for a scalable Cloud Adtoption is based on the Enterprise Scale Architecture and I think this is a scalable and useful modell for every customer that uses Azure ressources. It´s based on the definition to granulary devide the workloads in different subscriptions and gives via Management Groups the possibility to group this differnent subscription into workload groups like Development, Core, etc. I know many customers struggle with this model and mistakenly think that Enterprise Scale is a reference to Enterprise customers, but this is not the case.

Based on the Enterprise Scale Architecture some services and security features can only be activated on subscription level to guarante that each resource inside the subscription is secured. This basis makes it even more important for customers to consider the Enterprise Scale Architecture or to orient themselves towards it.

The Microsoft Defender for Cloud and especially the Defender for Server P1 and P2 plans can only be activated on subscription level in the past. Microsoft has decided to change this and now allow plans to be activated at resource level (per server). It is important to understand that the principled approach activating on Subscription Level and the Enterprise Scale architecture are still valid and needed and this possibility is only a concession to cover certain requirements:

  • manage security configurations at a lower hierarchy level
  • flexibility for excluding specific resources (VMs) inside the subscription
  • enable different plans on subscription because for implementation of Enterprise Scale approach
Continue reading Enable granular pricing for Defender for Servers P1 or P2 on specific resources within your subscription via API/Powershell
Allgemein, Azure Security, Cloud, Defender for Cloud, Microsoft, Zero Trust

Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Leave a comment

Microsoft announced with Defender for Cloud Security Posture Management a new plan in the Defender for Cloud product family which focuses on a central view on the security posture of the customer.

In this article I will give a overview about which topics Defender for CSPM covers, how it will be enabled and how the pricing is actual working which holds some suprises if Defender for Servers is already in use.

Continue reading Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information
Allgemein, Azure, Azure Network, Azure Security, Cloud, Microsoft, Zero Trust

Azure Firewall Basic SKU is now GA

Leave a comment

Microsoft announces with the Azure Firewall Standard and Premium two native Firewall Services available as PaaS solution what are a great benefit to classic Firewall deployments, because of native Autoscaling Features, no need for VM Management and more. Unfortunately the price was to high for SMBs, with 900€ for the Standard and over 1200€ for the Premium Edition. A frequently requested Features, was a cheaper variant aimed at small and medium businesses.

This wish has been answered and last year October with the Azure Firewall Basic edition (public preview). The Azure Firewall Basic (AzFw Basic) has leaved the Public Preview and are now GA. The planned subscription must first be prepared before the deployment can begin with some Powershell commands.

Now Azure offers three different Azure Firewall solutions. The following table list the different SKUs and the price for using in West Europe (03/2023).

Microsoft has made some changes to deploy the Firewall Basic compared to the Firewall Standard and Premium SKU for better Service avalability. This article will give you a short overview of this changes.

Continue reading Azure Firewall Basic SKU is now GA
Allgemein, Azure, Azure Security, Cloud, Microsoft, Zero Trust

How I successfully passed the MS Defender for Cloud Ninja training and how the security community helped me

1 Comment

One of my goal this year was to work more and more with the Microsoft security solutions and got deeper into the different services and possibilities. My focus on this is to get a better understanding how we can secure our Hybrid Cloud environment with the different Microsoft defender products.

About the Microsoft Security Community

Continue reading How I successfully passed the MS Defender for Cloud Ninja training and how the security community helped me