Tag Archives: Azure Monitor

Connect physical/virtual servers to Azure Arc for centralized Azure management

The Cloud usage grows in the last years rapidly, but in many customer environments we had servers and applications they can´t migrate to the cloud about different reasons. There are many reasons why applications can not migrated to the cloud e.g. data regulations, connections and latency challenges and more. On the other hand customers whish to use different cloud providers. In summary the hybrid cloud is one of the most use cases in many customer environments. Microsoft released Azure Arc as a solution for hybrid cloud environments. Azure Arc was announced as public preview at Ignite 2019 and going GA on Ignite 2020.

In this article I will cover how connect Windows VMs to Azure Arc.

Azure Arc in General

Azure Arc capabilities – Image from Microsoft Docs

Azure Arc is a solution to extend the Azure management capabilitites to services outside of Azure. This gives the possibilites to manage different services, in different environments from one central place with same capabilities across different services layers.

Microsoft release the first version for Server management and has since expanded the range of functions over Dataservices, Kubernetes and new since some days Azure applications.

Continue reading Connect physical/virtual servers to Azure Arc for centralized Azure management

Speaking at Cloud Eight Conference about 7 Best Practices for Azure File Sync

Update 1 on 22/06/2021

The recording of the session is now available on Youtube. I have added the link at the end of the article.

I am glad to announce that I was invited as a speaker to the Cloudeight conference. This is the 3rd edition of this conference and the conference is grown to a really big conference with a lots of great speakers and sessions. The conference itself was founded by Drago Petrovic as a free community driven conference.

I am very exited to deliver a session on 7 tips you need to know to use Azure File Sync perfectly. Azure File Sync is a perfect service to sync file servers across enterprise boundaries through a central Azure Fileshare. In this session, I will share the best practices to use Azure File Sync perfectly based on my real-world experience. I will cover the following topics:

Continue reading Speaking at Cloud Eight Conference about 7 Best Practices for Azure File Sync

Azure VM Best Practices

Last year Gregor Suttie and Richard Hooper launched the Azure Advent Calendar and I got to support with a session on Azure Bastion. This year they improved on the idea with the Festive Tech Calendar. I’m happy to be back with an article on Azure VM best practices. I hope you find the article helpful and I would appreciate feedback.

Over the past few months, I have conducted many customer workshops, designed and implemented Landing Zones, and migrated or placed VMs into Azure. One of the most common customer questions has been about best practices for Azure VMs to maximize performance and efficiency, minimize costs, increase security, and reduce management overhead. This article is based on my real-world experience and recommendations based on several Azure projects.

Continue reading Azure VM Best Practices

Howto setup and monitor Break Glass Accounts in your Tenant

09/07/2024 – Update 2

Microsoft enforce since 1st of July 2024 the need for Multifactor Authentication if a account access the Azure Portal. This also affects Break Glass accounts when the will use to access the Azure Portal. To reflect this new requirements classic Breakglass Accounts which only have a password enabled for login will won`t work after the rollout.

Microsoft recommend to use FIDO2 or certificate based authentication for these accounts. I`ve updated the article to enable FIDO2 for Breakglass accounts.

19/01/2022 – Update 1

I´ve updated the article because the actual sign-in query only logs all login attempts of the break glass account (successfully, unsuccessfully, etc.) . I added the different IDs so that you can setup the alert mail based on a indivudal filter. Thank you goes out to Eric Soldierer for this note. I also updated some changed services that had left their preview status.


In the past I do a lot of Azure Governance workshop and one interesting topic is how to handle the Break Glass Account. Before we going deeper, first we take a look was is the Break Glass Account. For each Administrator role in Azure or Office365 is it best practice to use MFA to secure the account and get a better security for the Tenant. To realize this, normally we use Conditional Access and create a rule, that every Admin require MFA for login. But what can we do, when:

  • the MFA service is down
  • we create a Conditinal Access that with a wrong rule set and lost sign-in access
  • we do not regulary update our control list and the admin account goes lost

For this cases we need a Break glass account, an additional account with a high security password, to enter the Tenant in an emergeny case. For this account, there are some recommendations:

  • only use a generic account
  • create a complex password with more than 16 characters
  • use a seperate FIDO2 key for every breakglass account
  • up to 256 characters possible – the limit of 16 character is removed
  • for compliance reason divide the password into two parts
  • save each part in a different location
  • create a security group that contains the break glass accounts
  • create two break glass accounts with no standard username like breakglass@ or emergency
  • use the Tenant name for the account
  • do not use a custom domain name
  • in futher it will be possible to use FIDO2 security key for break glass (right now is in preview and not recommended for such critical scenario)

Now we can discuss in some ways a security gap – a service account with Global admin rights that do not require MFA for login. The use of a generic name can be a risk and the usage of this account most be transparenet for every tenant admin. Now you see, why it is so important to monitor this accounts and get notified when they will be used for login.

Continue reading Howto setup and monitor Break Glass Accounts in your Tenant

How I pass the Azure Security Exam Az-500

In the past I have taken several Azure exams, and yesterday I took the Azure Security exam Az-500. I am really glad that I passed the exam. In this article I will give you a brief overview of the topics I saw in the exam and what materials I used to prepare for the exam. I can say directly that the best way to succeed in the exam is practice.

Continue reading How I pass the Azure Security Exam Az-500

Cloud SIEM Azure Sentinel nun Allgemein Verfügbar

SIEM (Security Information and Event Management) Systeme sind in den meisten Unternehmen bereits für Security Zwecke im Einsatz. Eine rein Cloudbasierte Variante hat Microsoft vor ca. 6 Monaten als Public Preview unter den Namen Azure Sentinel vorgestellt. Azure Sentinel hat unzählige Konnektoren und basiert im Backend auf Log Analytics. Seit heute ist Azure Sentinal allgemein verfügbar und Microsoft hat die Preise und die SLA veröffentlicht. Diese Artikel gibt einen Überblick über die enthaltenen Services, welche Preismodelle vorhanden und welche Features kostenfrei verfügbar sind.

Continue reading Cloud SIEM Azure Sentinel nun Allgemein Verfügbar

CDC-Germany Slides zu System Insights und Rückblick

CDC Germany - My System Insight Session
CDC Germany – My System Insight Session

Gestern Vormittag durfte ich zum ersten Mal auf der Cloud and Datacenter Conference (CDC-Germany) in Hanau eine Session halten. Die CDC ist eine der wenigen Konferenzen in Deutschland, die den Fokus auf On-Prem und Hybrid Cloud Szenarien legt und dadurch viele Kunden erreicht. Carsten und seine Frau haben eine tolle Konferenz gegründet, die jedes Jahr mehr Teilnehmer zählt. Dies liegt auch an den vielen hochkarätigen Sprechern, die Carsten für die Konferenz gewinnt.

Continue reading CDC-Germany Slides zu System Insights und Rückblick

Zusammenfassung der MSIgnite Keynote

Gerade ist die Keynote der MSIgnite zu ende gegangen. Wer nicht die Zeit hatte zu schauen und alle Informationen über Neuigkeiten und Releases auf einen Blick sucht, ist hier richtig.

Fangen wir gleich an, was in den 90 Minuten angekündigt wurde. Julia White eröffnete die Keynote und übergab danach an Scott Guthrie .

Continue reading Zusammenfassung der MSIgnite Keynote