Tag: cybersecurity

Azure Firewall’s Explicit Proxy feature (preview)

Hello Guys,

Azure Firewall is a cloud-native network security service that protects your Azure resources and applications. It operates in a transparent proxy mode by default, which means that traffic is sent to the firewall using a user defined route (UDR) configuration. The firewall intercepts that traffic inline and passes it to the destination.

However, there is another mode that you can use for your outbound traffic: Explicit proxy. This mode allows you to configure a proxy setting on the sending application, such as a web browser, with Azure Firewall acting as the designated proxy. This way, traffic from the sending application goes to the firewall’s private IP address and egresses directly from the firewall without the need for a UDR.

Continue reading “Azure Firewall’s Explicit Proxy feature (preview)”

Azure Firewall: DNS, DNS proxy and FQDN filtering


Hello, everyone !!!

Did you know that in Azure Firewall it is possible to do custom DNS filtering, using your Azure Firewall as a DNS proxy and even create rules based on FQDN (for non-HTTP/S and non-MSSQL protocols).

Continue reading “Azure Firewall: DNS, DNS proxy and FQDN filtering”

Configuring passwordless with your Authenticator APP

HEEYYY!!!

Microsoft has previewed a new security feature that allows the use of the Microsoft Authenticator app to log in to Azure without the need for a password. This is relevant because one of the most common ways to steal passwords today is through a keylogger, which captures the password and username as the user types. However, this is just one of the problems it solves. Another important issue is to avoid password storage.

microsoft-authenticator-app Continue reading “Configuring passwordless with your Authenticator APP”

Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.

conditional-access-signal-decision-enforcementHello!!!

Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.

According to Microsoft, commonly applied policies are:

Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications

Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.

As a demonstration, I will enforce MFA (Multifactor Authentication) for all administrative users. Continue reading “Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.”