A very common Azure network topology found in larger enterprise environments is that of a hub and spoke using Azure virtual WAN and secure hubs along with an NVA or Azure firewall. Having recently deployed this exact hub and spoke scenario into two twinned regions with an Azure firewall in each a question arose around … Read more
Firstly, for those not familiar with MTA-STS OR CloudFlare Workers I will give a brief introduction to each. MTA-STS (Mail Transfer Agent Strict Transport Security) is an email security standard designed to make it harder for an attacker to get emails sent to an alternative location and to prevent attackers downgrading email encryption on emails … Read more
Often it can be useful for other teams and departments to edit and run their own Azure automation runbooks, however, this creates a challenge – permissions. Runbooks live and are managed from within Azure Automation accounts which are in turn connected to log analytics workspaces and their associated agents. Both automation accounts and log analytics … Read more
This post follows on from my earlier post about AD login logging where we covered how to create a .csv log file containing all your user logins on your machines. Building on that script, wouldn’t it be handy if we could have that information sent to us via an email or text every time a … Read more
Recently I was tasked with setting up an Active Directory environment as the Radius authentication backend for a VPN solution, allowing users in the correct AD group to access the VPN using their AD credentials. Sounds easy enough….. right? Well, then this wouldn’t be a good read would it 🙂 It seems the built-in Windows … Read more