Search

Latest articles

View:
Romain Serre
Romain Serre
IT and Virtualization Consultant. Romain is specializing in Microsoft technologies such as Hyper-V, System Center, storage, networking, and MS Azure. He is a Microsoft MVP and MCSE in Server Infrastructure and Private Cloud.
Romain Serre

Overview of the benefits of an Azure ARC VM management

Microsoft Azure ARC VM Management extends Azure Portal features to manage VMs in Azure Stack HCI and VMware vSphere from a single interface.

Romain Serre

Deploy a Hybrid DNS infrastructure with DNS Private Resolver

Configuring DNS resolution for on-premises VMs linked to private DNS zones in Azure can be challenging. Luckily, Microsoft has released a new Azure service – DNS Private Resolver. It allows querying Azure DNS private zones from an on-premises environment and vice versa without deploying VM-based DNS servers.

Romain Serre

Define different authentication strengths for your users in Azure AD

It’s never too much when it comes to cybersecurity. Microsoft recently released a feature for its Azure Active Directory (AD) that allows you to diversify authentication methods for different user groups. This feature is used in conditional access to apply customized policies to the right people.

Romain Serre

Understand Failover Cluster Quorum

Failover cluster quorum can mean a lot of things. Many factors play in: the type of hypervisor vendor (vSphere, HyperV, KVM, etc.), the number of nodes, set failover configurations, and many more. The issue is critical for data availability, so it demands closer understanding from both the IT department and the management of a company.

Romain Serre

Design the network for Azure Stack HCI

Azure Stack HCI cluster is a hybrid solution that successfully units on-premises infrastructure with Azure cloud services, managing both Windows and Linux workloads relatively easily. However, it isn’t without its problems, and most come from incorrect network configurations that decrease performance and increase latency.

Romain Serre

Enable and use Temporary Access Pass in Azure AD

Temporary Access Pass (TAP) can be used to register another authentication method during new-user onboarding or to recover a lost or forgotten stronger authentication method. TAP is a time-limited passcode, issued by admins, that satisfies strong authentication requirements. You can use a TAP password for new users who can then register their passwordless authentication method.

Romain Serre

Manage an allowed country list to connect to Azure AD

Azure Active Directory (AD) allows managing connections so that users from certain countries can’t access your services. However, sometimes, VIPs can travel to one of such countries. To address that, you can deny access to all users in a country, allow connection from that country to certain users, or establish an approval workflow to allow travel with an access package.

Romain Serre

Detect Shadow IT with Microsoft Defender for Cloud Apps

Microsoft Defender for Cloud Apps collects information from Firewall log inputs or traffic redirected from Microsoft Defender for Endpoint. As a result, it can help you identify users, accessing your systems, who are using applications that are not included in your compliance. That way, you can detect such shadow IT activity and prevent breaches.

Romain Serre

Restrict some Activities in Office Online by using Microsoft Defender for Cloud Apps

Remote work is continuing to penetrate the fabric of the regular workflow ever more. Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that functions as a gatekeeper between your users and cloud resources they have access to. Among others, it allows to tap into Shador IT and app use to prevent malicious behavior.

Romain Serre

Enable passwordless authentication on Azure AD with FIDO2 key

Security is at the forefront of IT infrastructure now, perhaps, even more so than performance. Azure AD provides identities to various applications and can be used to manage authentication. Of course, multi-factor authentication is the standard now. However, passwordless options are available as well, with another set of steps.