Despite vendors like Microsoft automating many processes in their solutions, including network configuration, vulnerabilities may still threaten your security. For example, you still need some fine-tuning when routing traffic via an App Gateway to a private backend application in an Azure VWAN environment.
Mutual Transport Layer Security (mTLS) in Azure Application Gateway and Application Servers / Web App is a mandatory modern security layer. It allows the server and the client to mutually identify each other’s identity and credibility to enhance cybersecurity. But what it is exactly, what does it do and how does it help your IT security?
The Private Endpoint / Private Link / Private Link Service solution was launched by Microsoft mostly because of the need for private, more secure connectivity to its Azure services. Since its launch, the number of Azure services supporting Private Link has grown, and the list today is extensive. But what are they exactly?
In Part 1, we discussed the technology behind Duo Multi-Factor Authentication (MFA) and how to configure it to protect the credentials for a Veeam hardened repository. We continue the cybersecurity topic, following the steps necessary for adding a public key authentication and making sure it works with the established configuration.
Protection is vital in both real and digital environments. An irresponsible approach to cybersecurity, especially with remote work, will ultimately lead to compromise. Security compromise can lead to credentials being phished and ransomware getting in. Veeam Backup & Recovery, Multi-Factor Authentication (MFA), and Cisco Duo can help avoid that.
There is a huge list of servers one could use as backup targets. So much so, that there isn’t really one right option. It depends on an organization’s requirements, wants, and needs. However, like with many things in life, there’s always a go-to scenario. We’ve distilled the necessary tips and configurations for your reading pleasure in a short form.
The Server Message Block (SMB) protocol has been used by Windows Server (WS) and Windows OS for quite a while now. However, its compression issues were resolved and integrated by Microsoft only in 2020. SMB compression allows saving on storage and time required to transfer and store the shared files. It also has various use cases, each having its own nuances.
In Part 1, we talked about the security principle of two-factor authentication and how to prepare your existing Remote Desktop (RD) Gateway for Network Policy Server (NPS) Extension for Azure Multi-Factor Authentication (MFA). Now, it’s time to integrate the solution and look at the logs and tools for troubleshooting in case any issues occur.
Network Policy Server (NPS) Extension for Azure Multi-Factor Authentication (MFA) is a good choice to enhance the security of your Remote Desktop (RD) Gateway. This combination will use two-step verification for client authentication to add another protection layer to your NPS/RADIUS (Remote Authentication Dial-In User Server).
In Part 1 we focused on overall information on SMB over QUIC and how to make the necessary preparations for all to function well. Today, we’ll focus on the technicalities. It will be somewhat a tedious process but we’ve laid out everything in minute detail, so you don’t have to break your neck trying to figure it all out 😉
