Cloud Security

Microsoft offers numbers of ways to reduce the cost of workload running in the Azure. Initially, it started with AHUB benefits, low priority virtual machine and recently they had gone to GA of Reserve Instance. It offers huge price cut, we could save up to 72% and combined with AHUB benefits up to 82% saving can be achieved which is very luring factor for many. Source: Microsoft Off-course we all want to save money, but it comes at a cost. That cost is ‘Performance’. So, are we ready for that? Then, why Microsoft might have come up the idea of Reserve Instance? Microsoft has one of the world largest datacenters scattered throughout the world. And, those resources are not always fully utilized in some of the regions. At the same time, some regions might have been fully utilized.   Thus, they allocated some portion of their resources in the Reserve Instances, and let the customer take this offer on available location based on the availability at low cost. And, most importa

With the maturity of cloud, usages of the Cloud Computing is rocketing as they are offering enrich services at affordable price. It's normal that an organization having multiple subscriptions and multiple users' managing it. Azure logs every user's activities that are performed against its resources including the action performed by pre-defined code using Runbook. What so ever the error collection domain the Microsoft gives, I prefer to group this into two. Logs auto-generated by System/Application or User Activates Log, which will trigger the previous logs. In this blog, I will discuss how user activities can be traced down to the various events so that anomalies (defined by the organizational norms) can be detected. User Login User's identity could be cloud only, federated or hybrid. Depending on their identity model, Azure Active directory will handle the authentication or will forward to the identity handler. For example, if ADFS is in place, then it will re

Application Security Group let us create and manage security rules for our Virtual Machine more intuitively. It provides the ability to bundle the VM's as per their workload and let us enforce rules on it as a group. So far we were applying Network Security Rules on individual VM using their IP. Now, we have the flexibility of grouping them and applying rules on them using Application Security Group name as source and destination. it eliminates the needs to remember IP address of resources. Working with Application Security Group requires planning as we need to define the security policies. These policies are similar with Network Security Group but this features add value to Network Security Group and become more useful when you have multiple virtual machines which perform the similar works and requires same rules. If it's combined with the Tag Policy, it increases the manageability as well as increase governance. This feature is in preview in US West Central, so we need to