Category: Azure

How to deploy Azure Stack HCI part 1 (Manual)

Before we start, we will need to know a few things about Azure Stack HyperConverged Infrastructure. Basically it means that we can deploy physical hardware on-premise that uses internal hardware to create a redundant setup when deploying multiple nodes. When deploying Azure Stack HCI on hardware you will get...

What is Azure ARC and how to deploy it for on-premise (virtual) machines?

In the last few years we see an evolving hosting landscape. Emerging cloud hosting and even cloud offboarding for certain workloads. But with this increasingly complex environments we need to find a way to manage and governance our clouds. With Azure Arc you can governance, manage and maintain your...

Enable Inter-Hub traffic Azure Virtual WAN through Azure Firewall (Manual)

Since Azure WAN came out I’ve configured multiple Azure Virtual WAN environments. But since september 2023 it is now possible to automatically assign firewall routes to all your VPN tunnels. By default traffic from 1 VPN tunnel to another VPN tunnel will bypass the firewall. With this new Inter-hub...

Deploy Azure Firewall with Azure virtual WAN (Manual)

In the past blog I showed you how to deploy Azure Virtual WAN with a HUB (Deploy Azure Virtual WAN with Virtual HUB (Manual) | 2 Azure). Today we will continue the journey with the deployment of the Azure Firewall. Prerequisites: STEP 1: Deploy Azure Firewall policy From the...

Deploy Azure Application Gateway V2 with http to https redirect

Azure Application Gateway is an advance type of load-balancer. Where an Azure Load-balancer routes traffic on the transport layer (OSI Layer 4 | TCP + UDP) the Application Gateway is a way more advanced load-balancer. It can route based on URL as well on path’s. On top of that...

How to setup BGP VPN connection with Azure WAN (Lessons learned)

Last few weeks I’ve been busy with setting up an Azure Virtual WAN environment with multiple VPN connections. One of them is a High available VPN with BGP connection to a Fortigate Firewall. Since this Fortigate Firewall is hosted with a 3rd party, I don’t have any screenshots or...

Get started with Azure Functions (Manual)

Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running. As you build your functions, you have...

How to register Azure B2C tenant in the Azure API Managent (Manual)

From within the Azure API Manament portal there is a default authentication option for your API consumers. The better option is to configure a connection with an Azure B2C tenant. This will enable you to enforce MFA and conditional access policies on your API applications. In this manual it...

How to solve in Azure: The subscription is not registered to use namespace ‘xxxxxx’

Sometimes it happens that if you want to deploy a new type of resource in Azure that you receive the following error: The subscription is not registered to use namespace ‘*********’. See https://aka.ms/rps-not-found for how to register subscriptions. Today I received the above error for the namespace Microsoft.AzureActiveDirectory. And...

IP Groups in Azure Firewall

If you are planning on using Azure Firewall you will definitely need to start using IP Groups. This will make your life so much easier and save you a lot of time in future changes because it will allow you to group and manage IP addresses for Azure Firewall...

How to deploy fonts to Windows clients using Intune. (Manual)

Last week I had a customer that wanted to deploy multiple fonts to all his clients. Since there is no default option to deploy fonts to Intune clients, it is time to do some PowerShell magic, in Intune. How to install fonts on your device? If you have new...

Azure VM cannot connect to RDP (NLA, Manual)

Today I had to restore a virtual machine from a backup from 2 weeks ago. Once booted I received the error message that I was not able to connect because of the following error: The remote computer that you are trying to connect to requires Network Level Authentication (NLA),...

CSP: Granular Delegated Admin Privileges (GDAP) explained

Microsoft has been working on improving security. In the last few years every CSP customer has had the request to grant Delegated Admin Privileges (DAP) at least once. Without it is hard for the CSP Partner to grant and assign licenses, however not impossible. Of course it is convenient...

Bring your own IP (BYOIP) to Azure with Custom IP Prefix

When you want to move to Azure, but you want to retain your current public IP addresses, because of IP whitelisting, or te preserve your established IP reputation, you can now move your Public IPv4 Addresses to Azure. Once onboarded, these IPs can be associated with Azure resources, interact...

Setup a good password policy in Azure AD

A good password policy is the first step on securing your environment and company data. Without a password policy in place you can be sure that a lot of users will take a password that can be easily guessed and/or brute forced in less than 5 minutes. Default Azure...

Azure OMI Vulnerability

Microsoft has released multiple security updates in last Patch Tuesday. One off them fixes a high risk vulnerability (CVE-2021-38647) Also know as OMIGOD. This vulnerability can be used remotely, so exploitation is expected soon. This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open...

New fluent Azure icon

Some people might have noticed it, but Microsoft has released a new Azure Icon in its portal. By changing the icon Microsoft wants to match the style with their Fluent Design System making it more familiar for their customers. Source: https://azure.microsoft.com/en-us/blog/a-fluent-new-look-for-the-azure-icon/...

Automate Azure SQL Size using Azure Automation (Manual)

Recently a customer asked me how to save cost on their Azure SQL database without moving away from DTU based subscription model. In this case this customer knows exactly at what time their database is heavily utilized, and when it’s idling. So with a script its easy to automate....