Operational insights on customer controlled maintenance for Azure Firewall

Managing security infrastructure in production environments always requires careful coordination. Network security components such as firewalls sit directly in the data path of critical applications, meaning that even small operational changes must be handled with caution.

Azure has introduced customer-controlled maintenance for Azure Firewall, a capability that gives organizations more control over when maintenance activities and updates are applied.

This improvement can be particularly valuable for enterprises that operate workloads with strict availability requirements.


Enabling Trusted Launch on existing virtual machine scale sets

Security in cloud environments is no longer only about perimeter controls. Increasingly, protection needs to start at the infrastructure level, including how virtual machines are initialized and validated during boot.

Azure Trusted Launch is a feature designed to address this challenge. While many new deployments already benefit from it by default, an important question remains for many organizations: how can Trusted Launch be enabled on existing virtual machine scale sets?

This article explores that transition and highlights the architectural and operational implications involved.


Trusted launch default for new Gen2 VMs and scale sets explained

Hello everyone,

Azure continues to strengthen the security posture of its compute platform, and one recent change moves in that direction: Trusted Launch is becoming the default configuration for new Generation 2 virtual machines and VM scale sets.

Instead of requiring administrators to explicitly enable this feature, new deployments will automatically include these protections by default.


Azure DNS security policy explained

Hello everyone,

DNS plays a critical role in modern cloud environments. Almost every application relies on DNS resolution to connect services, APIs, and external platforms. Because of this central role, DNS is also a common entry point for security threats.

To address these risks, Azure introduced DNS security policies, allowing organizations to apply additional protection and governance over DNS traffic.
