
Azure DDoS Protection—2020 year in review
This blog post was co-authored by Anupam Vij, Principal PM Manager & Syed Pasha, Principal Network Engineer, Azure Networking. 2020 was a year unlike any other. It brought major disruptions to both the physical and digital worlds, and these changes ...
Deep Dive How To Debug Syslog Ingestion for Sentinel and Log Analytics
Hello everybody, Simone here to tell you about a situation that happened many times to my customers: understanding how the syslog ingestion works. To make the subject clear, make sure you have the below references clear in mind: RFC5424 - https://tools.ietf.org/html/rfc5424#section-6.2.1 ...
How to design secure and convenient access to AKS clusters
API Server is a crucial component of Kubernetes that allows cluster configuration, workload management and a lot more. While this endpoint is incredibly important to secure, developers and engineers typically require regular and convenient access to that API. Striking a ...
Using Windows Admin Center on-premises to manage Azure Windows Server VMs
Contributed by @Orin Thomas. Currently the Windows Admin Center (WAC) add-in for the Azure Portal is in preview. Unfortunately, at the time of writing, the preview is oversubscribed, and you might be waiting for a while before the feature becomes ...
Microsoft Defender for Endpoint – MD ATP Daily Operation – Part 1
Hi IT Pros, I have combined the information for the Security Team who monitors, responds and manages the ATP Portal on a daily basis. Please check it out and give your feedback. For Alert Notification and Live Response with remediation and ...
Microsoft Defender for Identity – Azure ATP Deployment and Troubleshooting
Hi IT Pros, Recently, I searched the internet and could not find the document for Microsoft Defender for Identity (Azure ATP) Setup and Troubleshooting. So, I prepared this document for our convenient reference and deployment in the future. Please check ...
Azure Advanced Threat Protection Deployment and Troubleshooting
Hi IT Pros, Recently, I searched the internet and could not find the document for Azure ATP Setup and Troubleshooting. So, I prepared this document for our convenient reference and deployment in the future. Please check it out and give ...
Microsoft Defender ATP Daily Operation – Part 1
Hello IT Pros, I have combined the information for the Security Team who monitor, respond and manage the ATP Portal on a daily basis. Please check it out and give your feedback. =================== ALERT MANAGEMENT The Alert response could be done as ...
How to Troubleshoot Windows Server Network connectivity issues via PowerShell
We all have been there, we want to set up a new application or agent which needs network access and needs to reach an endpoint using a specific port, but it simply doesn't work. So as a server admin, we ...
How to Defend Users from Interception Attacks via SMB Client Defense
Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ...