Azure Infra – a technical blog.

Client Side Encryption (CSE) & Confidential Computing

In the previous post, I detailed the Server-Side-Encryption and the initial trust that someone must have in the cloud provider. I’ve also demonstrated how confidential compute helps in that…

June 24, 2024
External Key Store vs Azure Managed HSM

A comparison of two options for secure key storage and cryptographic operations Introduction Cryptographic keys are essential for protecting sensitive data and ensuring the integrity and authenticity of digital…

June 20, 2024
Availability Zones & DR

Disaster Recovery – how to recover your application if a disaster occurs. Disaster Recovery is part of what we call “resilience” today. Resilience is the how to ensure that…

May 30, 2022
Availability Zones VM Conversion

As a continuation of my AZGateway migration scripts I entered the scripting world again for the migration of VMs. As anything worth doing is worth doing twice I actually…

May 19, 2022
Availability Zones Gateway Conversion

As promised, I would cover Availability Zones a bit more in the next few posts. If your Azure region supports Availability Zones you probably want to use them. Yes…

April 19, 2022
Azure Availability Zones Mapping Checker

Microsoft is working hard to make “Availability Zones” available for most of their primary Azure regions. What is an Availability Zone will be covered later in another blog post,…

March 23, 2022
BGP Filters in Juniper

So, this topic might be a bit too short for you, and I’m sure your BGP filters in your SRX are way more advanced. But for the simpler people…

March 23, 2022
LDAP Proxy for old stuff

Doing Active Directory Migrations is always tricky, certainly on applications. I’ve recently came across an application that performs an (uche 200x) based simple-LDAP bind to validate credentials. Now, we…

March 22, 2022
ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – Part 4 – Groups

In earlier posts I talked about ADMT and user accounts. Now a migration is never a full migration if groups are not migrated too. But how Azure AD Connect…

March 10, 2022
when Azure subscriptions make sense

I wanted to write this post on when to decide on a new subscription or not.. but then it turned to security – which – as many of you…

February 7, 2022
Look up… DNS Anycast on ADDS

When deploying Active Directory, it has been a tradition to set the DNS IP addresses on clients to match the nearest Domain Controller to the clients. This means that…

February 2, 2022
SQL on AKS on HCI

I thought to start the new year with acronyms. This post will be about deploying Microsoft SQL containers inside Azure Kubernetes Services running on top of Azure Stack HCI.…

January 21, 2022