Azure Infra – a technical blog.
-
Azure Sovereign Controls
I’ve talked about sovereignty in Azure (or cloud in general) before.. and we are going to dive a little deeper into it this time. What is it, how do…
-
Hyperscale hardware versus “cloud”
When talking about sovereignty the most heard comment is that cloud provider can replace the big hyperscalers and that its super easy to move. In this post I wanted…
-
Azure VM Disk Encryption Options
Azure provides multiple types of Disk Encryption options. But apart from their features (when you can use which one), lets dive into the how they actually work and differentiate…
-
Azure Confidential VM’s made easy
There has been a lot of talking about “sovereign” clouds lately. How do you secure your data in the cloud from the CSP (cloud provider) being able to access…
-
Client Side Encryption (CSE) & Confidential Computing
In the previous post, I detailed the Server-Side-Encryption and the initial trust that someone must have in the cloud provider. I’ve also demonstrated how confidential compute helps in that…
-
External Key Store vs Azure Managed HSM
A comparison of two options for secure key storage and cryptographic operations Introduction Cryptographic keys are essential for protecting sensitive data and ensuring the integrity and authenticity of digital…
-
Availability Zones & DR
Disaster Recovery – how to recover your application if a disaster occurs. Disaster Recovery is part of what we call “resilience” today. Resilience is the how to ensure that…
-
Availability Zones VM Conversion
As a continuation of my AZGateway migration scripts I entered the scripting world again for the migration of VMs. As anything worth doing is worth doing twice I actually…
-
Availability Zones Gateway Conversion
As promised, I would cover Availability Zones a bit more in the next few posts. If your Azure region supports Availability Zones you probably want to use them. Yes…
-
Azure Availability Zones Mapping Checker
Microsoft is working hard to make “Availability Zones” available for most of their primary Azure regions. What is an Availability Zone will be covered later in another blog post,…
-
BGP Filters in Juniper
So, this topic might be a bit too short for you, and I’m sure your BGP filters in your SRX are way more advanced. But for the simpler people…
-
LDAP Proxy for old stuff
Doing Active Directory Migrations is always tricky, certainly on applications. I’ve recently came across an application that performs an (uche 200x) based simple-LDAP bind to validate credentials. Now, we…