I've recently been engaged on several customer projects where file uploads to an Azure Storage account have to be scanned for malicious content. Usually, this functionality is needed to ingest data safely into an Azure-hosted research environment. In this post, I am describing a solution I designed to scan the uploads for malware using the … Continue reading On-Demand Malware Scanning for Azure Storage Blobs with VirusTotal
Update 2021-01-13 9:15 AM CST: Added additional resources at the end of the article Update 2021-03-23 2:31 PM CDT: Added additional firewall configuration for port 514 and additional SELinux configuration. Azure Sentinel is Microsoft's cloud-native SIEM/SOAR. While being cloud-native means that there is little to no configuration required to ingest a variety of log sources, … Continue reading End-to-End Configuring a RHEL 8 Common Event Format Forwarder for Sentinel
I thought about making the title of this blog post "Creating a uni-directional Azure Virtual Network Peering," but it would have been a bit too click-baity. Still, conceptually, what I am describing in this post is along those lines. Virtual Network Peering and the VirtualNetwork Service Tag When two Virtual Networks (VNets) are peered, the … Continue reading Defaulting Azure Virtual Network Peering from Allowing to Denying Traffic
TL;DR: No. I've been working with numerous customers on Windows Virtual Desktop (WVD) deployments since I started my position at Microsoft. During the process of manually* creating an image, it's common to take snapshots. I especially recommend taking snapshots before sysprepping the image. Once you sysprep an Azure VM, the VM itself is unusable; it … Continue reading Does Deleting an Azure Managed Disk Also Delete Snapshots?
My peers and I work with customers one-on-one, but we also provide "shared" resources. I thought it'd be helpful to share what these resources are. If you're an education IT pro and work with Azure, I am sure you'll find something on this list that will help you do your job more effectively.
File this in the category of error messages that don't really mean what you think. When configuring a failover group using Azure SQL DB, you need to provide a "name" for the failover group. However, the name really becomes the FQDN of the failover group, but that's not directly obvious. The implication of that is … Continue reading Azure SQL DB: The specified failover group name is already in use
As announced before, I will be speaking once again at the annual Atlanta SQL Saturday. The Atlanta MDF is a great group and they put on an excellent event each year. Note: this year, the venue has changed for the first time in as long as I can recall. Be sure to check the location: … Continue reading Speaking at SQL Saturday #652 Atlanta 2017
During my talk "Azure SQL DB: 12 Things to Know ," I briefly discuss the importance of monitoring and updating the IP addresses allowed to connect to your Azure SQL DB. Efficiently managing those firewall rules means you want to script them. In this post, I will provide a few ideas of how you can manage the database server rules using PowerShell scripts.
I am preparing some posts about managing aspects of Azure services with PowerShell. Before you can do that, you'll need to authenticate to Azure. In this "prereq" blog post, I'll briefly walk through the process of authenticating to your Azure subscription from PowerShell. This blog post will only use the "newer" Azure Resource Manager (AzureRm) … Continue reading Logging on to Azure with PowerShell
SSMS 17 was released today. This is a quick first look at some of the additions and changes that immediately stand out to me.