Tag Archives: Security

Awarded as Microsoft MVP for Azure and Microsoft Security 2024-2025

I am pleased to announce that I have once again been recognized as a Microsoft MVP for Azure and Security in 2024-2025. This year there were some internal changes and the announcement was therefore postponed to July 10. So late Wednesday the mail came and I saw, just before my birthday, that I was again awarded in the following categories:

  • MVP for Microsoft Azure Compute Infrastructure
  • MVP for Cloud Security

What a great surprise

It is still an honor to be part of this family. There are many people who have supported me along the way, without whom this award would not have been possible. A big thank you goes to my wife Jessica, without her support this would not have been possible. There are many people who have become true friends during this time and to whom I am very grateful for their support, like Eric Berg, Thomas Naunheim, Marcel Meurer and Tom Janetscheck and many others. Also a big thank you to my Azure Bonn Orga Team, René de la Motte and Thomas Naunheim without whom the many Meetups and the Cloud Identity Summit would only be half as nice.

But this award is not possible without the community and the recognition from Microsoft, so a big thank you for that.

If you’re interested in what conferences you can find me at in 2024, feel free to check out my upcoming community events page.

Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Microsoft announced with Defender for Cloud Security Posture Management a new plan in the Defender for Cloud product family which focuses on a central view on the security posture of the customer.

In this article I will give a overview about which topics Defender for CSPM covers, how it will be enabled and how the pricing is actual working which holds some suprises if Defender for Servers is already in use.

Continue reading Microsoft Defender for CSPM is GA – Information about activation, billing and new pricing information

Microsoft MVP for Azure for 2023-2024 (5th year in a row) and 1st time MVP for Security

Every year on July 1, the MVP renewal process takes place and Microsoft notifies us on that day if we will be awarded another year as an MVP based on our contributions. So most of the MVPs look into their inboxes and wait for the mail notification. Some colleagues call the day the F5 day, because second by second the inbox is updated 🙂

This year there were some technical difficulties and so late on July 1 there was an announcement that the MVP announcement would be delayed until July 6. Again a murmur went through the internet. 🙂

So the F5 day is postponed to Thursday and all are looking curious on this day. Late on Thurday the Mail comes in, but I´m in a customer meeting and overlook the notifcation. Some minutes later I take a look and I was once again recognized as a Microsoft MVP in the Azure category for 2023-2024. That was my first surprise, but the mail continues and I see another surprise. Microsoft also awarded me in a 2nd category and now I am also MVP for security. 🙂

I’m really grateful and honored to have received this special award for the fifth year in a row and also awarded as MVP for Security.

Continue reading Microsoft MVP for Azure for 2023-2024 (5th year in a row) and 1st time MVP for Security

Speaking at Experts Live Netherlands 2023 about Mastering Defender for Servers

I´m really happy to announce that I will speak at the Experts Live Netherlands 2023 Spring edition. The last one was the 10th annivesary edition in Fall last year. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and because of the big Experts Live Europe will take place this year in autumn, the Orga Team decided to organize the 11 edition in spring.

Contents [show]

Session overview

This year, my session will be about the Mastering Defender for Servers. In this session I will focus on Defender for Servers to protect servers across hybrid and multicloud environments. So I dived into the different plans, feature sets, deployment methods and more. Futhermore I show as a side note the new Defender for CSPM Plan and explore how agentless scan methods works. Deploy defender for servers at scale will complete the view and enable the attendees to mastering defender for servers.

Motivation

I like the idea behind the Experts Live community and really looking forward to see many community members there, greats friends again and certainly make new contacts.
This year the edition is with 1,200 registrations sold out. The Keynote will be held by Dona Sarkar. So it is worth to be there

About Experts Live Netherlands

Experts Live is an international Microsoft community platform focusing on knowledge sharing through live events.

Every year Experts Live Netherlands organizes a large-scale one-day event where more than 1200+ IT Pros and Developers gain knowledge of Microsoft technology. National and international community experts update visitors on the latest Microsoft technologies in one day.

Slides

It was a pleasure to speak at 11th edition of the Experts Live Netherlands. With more then 1200 attendees is was one of my biggest in-person conferences in the last couple of months. Thanks to the organizers and sponsors who made this possible!

You can find the slides from my talk about Mastering Defender for Servers here. Please keep in mind that this slides was only for the Experts Live Event and I will improve the session based on the Feedback from the attendees.

Speaking at Experts Live Netherlands 2022

The full event month of September is slowly coming to an end and what better way to end it than with a great Azure conference? I´m really happy to announce that I will speak at the Experts Live Netherlands. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and celebrates its 10th anniversary this year.

Continue reading Speaking at Experts Live Netherlands 2022

How I passed the Microsoft Cybersecurity Architect exam SC-100 and why I am now a Microsoft Cybersecurity Architect Expert

Three months ago on 7th of April Microsoft announce a new exam for security architects and introduce again the existing exams SC-200, SC-300, AZ-500 and MS-500. The article contains the new announcement of the new exam SC-100 to become Microsoft Cybersecurity Architect.

I took the Microsoft Cybersecurity Beta exam #SC100 and got yesterday the confirmation that I passed the exam. This is great news for me as it confirms that I am gaining a better and better knowledge in Azure Security topics.

In this article I will introduce the exam, how to get the Microsoft Cybersecurity Architect Expert award and which materials I used to prepare for the exam.

Continue reading How I passed the Microsoft Cybersecurity Architect exam SC-100 and why I am now a Microsoft Cybersecurity Architect Expert

Microsoft MVP for Azure 2022-2023

Every year on July 1, the MVP renewal process takes place and Microsoft notifies us on that day if we will be awarded another year as an MVP based on our contributions. So most of the MVPs look into their inboxes and wait for the mail notification. Some colleagues call the day the F5 day, because second by second the inbox is updated 🙂

This year there were some technical difficulties and so late on July 1 there was an announcement that the MVP announcement would be delayed until July 5. A murmur went through the internet. 🙂

But late Tuesday I got to rejoice again, because that’s when the mail came and I was once again recognized as a Microsoft MPV in the Azure category for 2022-2023. It’s a great award, and I’m very pleased to have received this special award for the fourth year in a row.

Continue reading Microsoft MVP for Azure 2022-2023

Connect and Secure Azure PaaS services to Virtual Networks with Private Link

Azure allows to use IaaS and PaaS solution together over the same network. But all Azure PaaS services using a public interface for connection. When configure the PaaS firewall to allow traffic only from internal VNETs the public interface still exists. With Azure Private Link there is a new service to disable the public interface and add a private endpoint to secure connect to PaaS from your own VNET.

When configuring the internal service Firewall to block all traffic from outside the VNET, the Firewall make a mapping from internal VNET traffic to the Public IP and block all other IP- Adress ranges – and here comes the new Azure Service Private Link into play. This blog post will cover how Private Link works and how to configure this service for your environment including own DNS solution to get a complete private based Azure VNET.

Continue reading Connect and Secure Azure PaaS services to Virtual Networks with Private Link

Bye Bye Windows Server 2008R2 It was a good time – Get Extended Support and think about a change

Today Windows Server 2008 (R2) / Windows 7 reaches her End of Live (14.01.20) date and doesn`t receive Security updates anymore.

I think it was a great time with Windows Server 2008. WS2008 launched Hyper-V, one of the most powerful hypervisor on the market and the foundation of today’s Azure infrastructure. With WS2008, the first version of the Server Manager, the pre-release version of Windows Admin Center, was released.

In this article, I will list some of your options to get extended support for available Windows Server 2008 (R2) – but I prefer to discuss new solutions to replace the outdated infrastructure. Use this date to consider a change to move your infrastructure to the same flexible and scalable environment you had when Windows Server 2008 was introduced.

I know the time is to short to demote the existing Windows Server 2008 R2 and migrate the workloads to a newer operating system. But now it’s time to modernize your landscape. See which solutions Microsoft offer to extend the time or to renew the infrastructure.

Continue reading Bye Bye Windows Server 2008R2 It was a good time – Get Extended Support and think about a change

Azure Bastion – Secure Access Azure VMs via SSH/RDP without Public IP or Jumphosts

Update 5 on 01/12/2021

Microsoft has changed the #AzureBastion minimum subnet size from /27 to /26. Installed #Azure Bastion are unaffected, but new deployments require the new subnet size. Please remember this. https://docs.microsoft.com/en-us/azure/bastion/bastion-faq#subnet

Update 4 on 14/07/2021

Microsoft has announced a new Azure Bastion Standard SKU as part of the ongoing Microsoft Inspire 2021. The difference between Basic and Standard SKU and the deployment process are summarized in this article.

Update 3 on 16/05/2021

VNET peering support for Azure Bastion is now GA

Update 2 on 26/04/2021

I updated the article based on the latest information around Azure Bastion. One big announcement is the support for peered VNETs for Azure Bastion – this is also integrated in this article. Please feel free to share and comment 🙂

Azure Bastion is a new service to reaches Azure VMs in a secure way without needing a Jump host in the same VNET or to publish an Public IP for a VM. Many customers using Public IPs to reach VMs (Windows and Linux) in Test and Dev environment. Please avoid managing Azure VMs over a Public IP, this is unsecure – use Azure Bastion.

Azure Bastion is in public preview since end of June 2019. Azure Bastion is General Available (since Microsoft Ignite 2019) and many limitations are gone. This article will short introduce the service, the new features and how easy is it to enroll the service in the environment to reach Azure VMs (Windows or Linux) over a secure way.

Azure Bastion architecture from MS docs
Azure Bastion architecture from MS docs
Continue reading Azure Bastion – Secure Access Azure VMs via SSH/RDP without Public IP or Jumphosts