During the onboarding / rollout of Defender for Endpoint and Azure Arc Agent, the network plays a significant role. Communication via the Internet is usually restricted by segmented networks and secured by firewalls and proxies. To prevent errors or communication problems, the required ports & URLs should be opened to ensure seamless onboarding and operational processes.

Read more...

Azure Kubernetes Services (AKS) and Azure Data Explorer (ADX) clusters are SaaS offerings based on virtual machines. It is probably the oldest way to safe money in the cloud - just turn them off when you do not need them - here are two ways to do this.

Read more...

One of the first things IT departments do when they start moving workloads to the cloud, is stopping their VMs on a regular basis to safe money. There are plenty of functions and ways to do this, but I thought, a different approach might be fun too - building this as a micro service with several components on Azure.

Read more...

When working with internal container deployments, there are many cases, where applications need to access an internal HTTPS service. If these services use internal certificates from an internal certificate authority (CA), the client (container/pod) needs to trust the certificate chain including the Sub/Issuing CA certificate and the Root CA certificate.
These certificates have to be added to the trusted ROOT CA store, which should not be done at runtime (hence not with a sidecar container or similar constructs). The solution to this problem would be to add them at build time. We will discover how this process can be simplified and automated by using Azure Container Registry (ACR) tasks.

Read more...
Author's picture

IT Insights Blog

Knowledge Delivered


author.job