Azure NetApp Files (ANF) – Deploy with JSON

Chiyo OdikaAZURE, NetApp FilesLeave a Comment

Azure NetApp Files (ANF) is an enterprise-class, high performance, file storage service that supports any workload type and is by default, highly available. The service enables you to select various service and performance levels based on your use cases and needs. Key Use cases include: Databases – Applications that need to be performant require reliable, and high-performance storage. ANF can play a crucial role in ensuring that your Web-apps and e-commerce apps perform exactly as you need them to, and you have fine-grained control over the storage tiers you consume for your applications to meet your needs. Files Services  – ANF provides cloud-based file share services through its highly available and scalable platform. It supports both SMB connections for Windows … Read More

Chiyo OdikaAzure NetApp Files (ANF) – Deploy with JSON

Addressing Critical ZeroLogon Vulnerability CVE-2020-1472

Chiyo OdikaAZURE, SecurityLeave a Comment

The ZeroLogon vulnerability is a privilege elevation vulnerability that exists when an attacker establishes a vulnerable NetLogon secure channel connection to a Microsoft Windows Server Domain Controller, allowing the attacker to perform a NetLogon authentication bypass attack, which simply put, can enable an attacker to obtain domain admin access, and take over an organization’s domain and effectively disrupt the organization’s functionality through ransomeware payload installation, for instance. This Zero-day vulnerability was discovered by Security firm, Secura, and Microsoft has recently confirmed that this vulnerability is actively being exploited in the wild. Secura has released a PoC code on their Github, that actually allows exploitation of this vulnerability and it’s use and deployment is quite intuitive. If the increasing discoveries of … Read More

Chiyo OdikaAddressing Critical ZeroLogon Vulnerability CVE-2020-1472

What retail investors can learn from Warren Buffet’s Investment strategy

Chiyo OdikaUncategorizedLeave a Comment

Last week, Warren Buffet’s Berkshire Hathaway (NYSE: BRK.A) (NYSE: BRK.B) made a sizable purchase to increase its stake in Delta Air Lines (NYSE: DAL)on a major down day and amidst unnerving turbulence in the markets. Last week will linger on in memory for a while as the harbinger of what is now undoubtedly the markets’ slide into bear-market territory, probably precipitated by the oil price collapse, triggered over the weekend by the OPEC-Russia impasse, and fueled on by the inexorable spread of COVID-19. We saw several alternating days in a row of big moves in the S&P 500 of plus or minus 4% or more, and we saw even bigger moves this week with the circuit breaker triggered after the … Read More

Chiyo OdikaWhat retail investors can learn from Warren Buffet’s Investment strategy

NSGs for Azure APIM with VNET

Chiyo OdikaAZURELeave a Comment

I’m doing some work on deploying Azure API Management inside a VNET in order to access backend services and had to enumerate a list of Network Security Group (NSG) rules to allow inbound and outbound traffic into the subnet in which API Management is deployed. Posting the JSON here so for easy reference. Still testing this out, so let me know if I missed any ports. Cheers!


Chiyo OdikaNSGs for Azure APIM with VNET

[MUSINGS] What a Week! EPL Football

Chiyo OdikaUncategorizedLeave a Comment

This is likely the first non-technology article I’m publishing here, and it is the first of many to come. So indulge me, as I lighten the content in this here blogosphere of mine. What a whirlwind week it’s been indeed. What with the global financial markets in a tailspin, and reeling from a coronavirus-driven rout, and Elton John’s beloved, albeit bottom table-dwelling Watford putting paid to Liverpool’s bid for a record-setting 19 unbeaten games in the top flight of English football. But this article isn’t about the market. There’s another 5 articles coming on that subject. This is purely about the beautiful game, football. Yes,  It’s been 422 days since Liverpool lost a game in the Premier league. And while … Read More

Chiyo Odika[MUSINGS] What a Week! EPL Football

Zero Trust and the Azure Firewall service

Chiyo OdikaAZURELeave a Comment

I’m a proponent of zero trust for enhancing network-level security and access control for your Azure resources. The idea is that of demarcating your high-security deployments from the internet, using a perimeter network, aka DMZ. What this enables you to do is focus your network access control, logging, monitoring, alert/event management workflow integration on your edge devices, not necessarily as a stand-alone solution, but as a part of an overarching solution for access control, and oversight at the network layer. Think NSGs/ASGs (in the Microsoft cloud) as fitting somewhere into this picture, and let’s not overlook Identity and the role it plays as a pillar of security, but that’s a topic for another day. Now with that said, most enterprises … Read More

Chiyo OdikaZero Trust and the Azure Firewall service

Making the move to Azure Security Center and Azure Sentinel

Chiyo OdikaAZURELeave a Comment

This article is not intended as a technical deep-dive into the Azure Security Center (ASC) and Sentinel solutions from Microsoft. There are loads of instructive docs on these from Microsoft. I intend for this article to simply serve as a reminder for OMS Security and Compliance clients to make the switch to Azure Security Center and explore the Sentinel SIEM solution which is currently in preview and free. The Security and Compliance solution reaches EOL at the end of July 2019.     Recall this security event log filtering feature that informed SecurityEvent table data in your Log Analytics repo, and that lived somewhere in the erstwhile OMS Security & Audit UI? Well it’s wound up in Azure Security Center. … Read More

Chiyo OdikaMaking the move to Azure Security Center and Azure Sentinel

Azure Monitor Management solution for RDS, Windows VDI and Citrix

Chiyo OdikaAZURE, Azure Monitor, OMSLeave a Comment

Just noticed the availability of the community edition of the Azure Monitor management solution for RDS, Citrix and Windows VDI. Organizations that provide services through VDI have a need for monitoring the solution to various degrees beyond just server-side and  infrastructure and performance monitoring, but also monitoring for user experience, session monitoring etc. These solutions enable you to deeply analyze sizing, performance, and user experience at each time frame in the past and for lowest expenses. You will also be able to leverage your existing event management, and alerting workflows in Azure monitor and investments in Azure. Check out the solutions here:

Chiyo OdikaAzure Monitor Management solution for RDS, Windows VDI and Citrix

Hybrid Cloud Print Known Issues and Workarounds

Chiyo OdikaAZURE, Azure Active Directory, WINDOWS SERVERLeave a Comment

In a previous post, I outline the steps for deploying Hybrid cloud print. Here are some noteworthy issues and errors you may encounter when deploying/ testing this solution through either of the supported pre-authentication methods, and some ways to remediate them. Publishing permissions. This error indicates that you do not have permissions print server management permissions or permissions to modify the Mopria database file. Address this by following steps #2 and #8 of the referenced post above. Read and Sign-in Authorization for Native client or web apps This error indicates that required permissions are missing on Native client or Web apps it further indicates that you’ve not delegated permissions to the app for required APIs, as outlined in steps #10 … Read More

Chiyo OdikaHybrid Cloud Print Known Issues and Workarounds

Hybrid Cloud Print with Passthrough Authentication – Detailed steps

Chiyo OdikaAZURE, Azure Active Directory, WINDOWS SERVERLeave a Comment

In a previous post, I gave an overview of the Windows Server Hybrid Cloud Print solution. This is a solution that enables organizations to support print functionality for MDM-managed BYOD and Azure AD joined devices. Organizations will find this solution useful if they plan to: Leverage existing global printing investments to support BYOD and non-domain joined devices deploy Azure AD joined devices into existing AD and global print environment support MDM managed BYOD support printing while away from the corpnet   The solution supports single sign-on user authentication and allows your to leverage your existing authorization processes. I briefly covered this in the previous post. In this article, I will go over the steps for configuring Hybrid Cloud Print using … Read More

Chiyo OdikaHybrid Cloud Print with Passthrough Authentication – Detailed steps