Secure Azure Virtual Network – Defense In Depth using Network Security Groups, User Defined Routes and Barracuda NG Firewall

Kloud Blog

Security Challenge on Azure

There are few common security related questions when we start planning migration to Azure:

  • How can we restrict the ingress and egress traffic on Azure ?
  • How can we route the traffic on Azure ?
  • Can we have Firewall kit, Intrusion Prevention System (IPS), Network Access Control, Application Control and Anti – Malware on Azure DMZ ?

This blog post intention is to answer above questions using following Azure features combined with Security Virtual Appliance available on Azure Marketplace:

  • Azure Virtual Network (VNET)
  • Azure Network Security Groups (NSGs)
  • Azure Network Security Rule
  • Azure Forced Tunelling
  • Azure Route Table
  • Azure IP Forwarding
  • Barracuda NG Firewall available on Azure Marketplace

One of the most common methods of attack is The Script Kiddie / Skiddie / Script Bunny / Script Kitty. Script Kiddies attacks frequency is one of the highest frequency and still is. However the attacks have been evolved into something more…

View original post 1,023 more words

Azure ExpressRoute in Australia via Equinix Cloud Exchange

Kloud Blog

Microsoft Azure ExpressRoute provides dedicated, private circuits between your WAN or datacentre and private networks you build in the Microsoft Azure public cloud. There are two types of ExpressRoute connections – Network (NSP) based and Exchange (IXP) based with each allowing us to extend our infrastructure by providing connectivity that is:

  • Private: the circuit is isolated using industry-standard VLANs – the traffic never traverses the public Internet when connecting to Azure VNETs and, when using the public peer, even Azure services with public endpoints such as Storage and Azure SQL Database.
  • Reliable: Microsoft’s portion of ExpressRoute is covered by an SLA of 99.9%. Equinix Cloud Exchange (ECX) provides an SLA of 99.999% when redundancy is configured using an active – active router configuration.
  • High Speed speeds differ between NSP and IXP connections – but go from 10Mbps up to 10Gbps. ECX provides three choices of virtual circuit speeds in Australia: 200Mbps, 500Mbps…

View original post 844 more words

Secure Azure Virtual Network (VNET) and Create DMZ on Azure using Network Security Groups (NSG) – Azure Security Part II

At TechEd Europe 2014, Microsoft announced the General Availability of Network Security Groups (NSG) which add security feature on Azure Virtual  Network (VNET). The feature is very compelling from security point of view. NSG is one of the Azure security feature I always use everytime I design solution using Azure. I have blogged this last … Continue reading Secure Azure Virtual Network (VNET) and Create DMZ on Azure using Network Security Groups (NSG) – Azure Security Part II

Windows Azure Online Backup Step By Step

Before We discuss any further, You need to have Windows Azure account and enable Windows Azure Preview features. You need a x.509 v3 certificate to register your servers with backup vaults. The certificate must have 2048 key length , have valid Client Authentication EKU, validity period is no more than 3 years and reside at certificate … Continue reading Windows Azure Online Backup Step By Step

Export and re-Provision your Azure VM with Azure PowerShell

  For PowerShell users out there. You can administer your Azure VM more fun with Windows Azure Powershell. Before We start our exporting and re-provisioning mission, We do need some preparations beforehand. 1. Please install Windows Azure Powershell either on your desktop or your bastion host. Download here. 2. Run Windows Azure Powershell with your … Continue reading Export and re-Provision your Azure VM with Azure PowerShell

Connect your System Center 2012 to Windows Azure subscription

Microsoft just launched their Azure availability zone in Australia which will open new Cloud computing chapter in Australia. End of June post will be how to connect your Windows Azure subscription to your existing System Center 2012 App Controller. You need to have Windows Azure account and subscription as well as App Controller installed on … Continue reading Connect your System Center 2012 to Windows Azure subscription

How to redirect http to https using IIS7.0

Thinking of migrating your IIS 7.0 Engine to Cloud ? Previous post We have discussed regarding IIS Migration. Today post will be redirecting our http traffic to https. This will ensure your users always accessing the site securely. There are many ways to redirect http to https, however I believe in below ideal principle : … Continue reading How to redirect http to https using IIS7.0

Export Emails from OWA to Office 365

    This post will discuss prerequisite, how to and link for the PowerShell scripts as your main tool. Office 365 gains popularity and pay as you go model suits businesses. The questions raise, how to migrate my emails which sitting from OWA to Office 365. Microsoft Outlook allows you to export email messages very … Continue reading Export Emails from OWA to Office 365