-
Migrating from Azure Arc server to Azure VM
It’s becoming more common that on-prem and non-Azure cloud servers are in situations where they are Azure Arc servers that are migrating to Azure. After the migration their server resources are represented in Azure as Azure VMs. There is a recently documented process from Microsoft, that if not followed when you are in this migration […]
-
Azure Sentinel SOAR worker: Azure Arc + Azure Automation
Azure Sentinel is a Microsoft flagship security product: a cloud-native Security Information & Event Management (SIEM) tool that has enjoyed great marketplace acceptance in the last year. Azure Sentinel includes Security Orchestration, Automation, & Response (SOAR) capabilities that increase SOC effectiveness and save you time and resources. SOAR takes your SIEM to the next level […]
-
Azure Lighthouse accelerates Cloud Management curriculum
Every couple of years since 2007 I have been fortunate to be able to teach a 3 credit-hour 400/500 level class in computer and network management for the University of Arkansas Little Rock campus (UALR). Now in our seventh iteration of the class, the course content has evolved over the years from (1) an all […]
-
Speaking at SCOMathon June 2021
This year I will be speaking at the SCOMathon 2021 conference on June 8-9, 2021. This two-day online event is a fantastic resource for anyone involved with management and monitoring tools and technologies. I’m joining my friends fellow Microsoft MVPs and Microsoft management professionals Bob Cornelissen, Cameron Fuller, Kevin Greene, Dieter Wijckmans sharing knowledge, tips, […]
-
Solarigate alert rule templates released to Azure Sentinel
Azure Sentinel users: enable these new Analytics rules announced in the Microsoft Security Response Center (MSRC) post: Customer Guidance on Recent Nation-State Cyber Attacks – Microsoft Security Response Center. No need to download or import rules: Microsoft has released the rule templates to all customer Azure Sentinel workspaces and they are ready for you to […]
-
Azure Kubernetes Container monitoring: Move or Consolidate workspaces
Organizations running one or more Azure Kubernetes Service (AKS) clusters may encounter the need to re-assign the monitoring workspace(s) associated with the AKS deployment(s). Azure Monitor for Containers gives you performance visibility by collecting memory and processor metrics from AKS controllers, nodes, and containers. There are two primary integrations in the container monitoring solution: AKS […]
-
Azure Sentinel: Connecting the Enterprise Firewalls
Many organizations are turning to Microsoft’s cloud-native Azure Sentinel as their primary enterprise SIEM because Azure Sentinel is the best solution for cloud and hybrid IT estates. Azure Sentinel excels at integrating cloud identity and cloud application logging into a holistic security picture that includes device and network logging. For most any Azure Sentinel enterprise […]
-
Azure Arc: One agent to manage them all
At Microsoft’s Virtual Ignite 2020 conference this week, a recent technology took center stage: Azure Arc. Part of the Azure Hybrid solution, Azure Arc is a concept and an agent technology, based on well understood Desired State Configuration (DSC) tools, that extends Azure management features to on-premises or other-cloud Windows and Linux computers. You can […]
-
SSO is your doorkeeper, watch it with Azure Sentinel
For many organizations, a Single Sign On (SSO) identification system is used to verify users’ access to applications and services. Everyone uses SSO, such as when you authenticate using a Microsoft account to access outlook.com, or a Google account to access gmail.com (or visa-versa). You can of course use either a Microsoft or a Google […]
-
A Governance Plan for Managing Overrides to Azure Monitor and Azure Sentinel Rules
A common and useful concept in management applications is to distinguish between (1) built-in, non-changing monitoring settings and (2) custom, dynamic exceptions to the standard settings. This article details methods to use existing Azure features to achieve this operational necessity. Objective: Keep standard rulesets and environment-specific exceptions separate Once you are using Azure Monitor and […]