Month: November 2019

Creating Proximity Positioning Groups

Hello guys,

Do you know about Proximity Placement Groups in Azure and what they are used for? With proximity groups, you can place your Virtual Machines as close as possible, thus achieving the best possible latency. These proximity groups are a logical grouping to ensure that computational resources are physically located close to each other.

ppg Continue reading “Creating Proximity Positioning Groups”

Participation in the CloudUp event 2019

Yesterday (10/11/2019) I had the great pleasure of speaking with my friend Clairo Dorneles, voluntarily at the CloudUp event – 3rd Edition. We simulated a live threat and automated response through Azure Sentinel, Microsoft’s SIEM tool. THANK YOU to everyone who participated in this great event and especially to the organizers Erik Filippini and Felipe Santos for the invitation.

Continue reading “Participation in the CloudUp event 2019”

Creating 2nd Generation VMs in Azure.

On the last day of 11/04/2019, Microsoft finally made second-generation VMs generally available, which we had on our local Hyper-v since Windows Server 2012 R2. They have a new architecture based on UEFI that is different from the BIOS-based architecture of generation 1. With these VMs, according to Microsoft, you will be able to:

  • Create larger VMs (up to 12 TBs).
  • Provision OS disk sizes that exceed 2 TBs.

Continue reading “Creating 2nd Generation VMs in Azure.”

Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.

conditional-access-signal-decision-enforcementHello!!!

Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.

According to Microsoft, commonly applied policies are:

Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications

Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.

As a demonstration, I will enforce MFA (Multifactor Authentication) for all administrative users. Continue reading “Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.”