AzUpdate S04E04: Azure Bastion, AKS clusters, Azure Site Recovery, and Microsoft Defender for Ident
Published Feb 11 2022 12:00 AM
Microsoft

Hello Folks,

 

In this episode of AZ Update, I am joined by none other than Rod Trent (@rodtrent) and together we parsed through the Azure Services announcements and picked some that we thought would be of interest for the IT and Ops audience.

 

Let’s jump right into it. This week we’ll cover updates for Azure Bastion, AKS clusters, Azure Site Recovery, and Microsoft Defender for Identity.

 

Join us for the Live show on our YouTube channel or watch the live feed or the replay below.

 

 

 

Azure Bastion

 


 

If any of you have ever used the Azure Bastion service, you know it’s the more secure way of accessing a virtual machine in Azure over Remote Desktop or SSH. Exposing these ports directly to the internet is an invitation to be attacked. If you don’t believe me, set up a honeypot and see for yourself.

 

However, accessing the VM via the Bastion in a browser window has its own challenges, such as uploading and downloading files between a VM and your local computer. This is where this month’s update becomes interesting. Azure Bastion now offers support for file transfer between your target VM and local computer using Bastion and a native RDP or SSH client. (It’s still in Preview, but it’s a start.)

 

Please note that uploading and downloading files is only supported using the native client. You can't upload and download files using PowerShell or via the Azure portal.

 

AKS cluster / Azure Backup

 


 

The Azure Backup service is announcing the private preview of AKS persistent volume backup. With this release, you can back up and restore the persistent volumes of your Azure Kubernetes Service (AKS) cluster.

 

Enterprises running stateful applications on Kubernetes will always need to back up application data that is on persistent volumes. It’s just normal operational procedure. Everything in production needs to be backed up. You know that and we know that…

Now we can provide operational recovery of data stored in persistent volumes against data loss / corruption situations.

Azure Backup is currently working towards providing backup and restore capabilities to Azure Kubernetes Service (AKS): to start with, backup and restore of data in persistent volumes of AKS and, in the future, cluster-level backup for disaster recovery situations.

For now, the Azure Backup service is announcing the Private Preview of AKS persistent volume backup. If you’d like to test it out, fill out this form to sign up for the private preview.

Azure Site Recovery


 

Azure Site Recovery, just like Azure Backup and other cloud services, is in constant evolution. In this case, the latest versions of the Azure Site Recovery components have been updated to provide further value.

 

The Mobility Service added new distributions of Linux OS to its list of supported platforms.

 

  • Azure to Azure
    • SUSE Linux Enterprise Server 15 SP3
    • Red Hat Enterprise Linux 8.4
    • Red Hat Enterprise Linux 8.5
  • VMware/Physical to Azure
    • SUSE Linux Enterprise Server 15 SP3
    • Red Hat Enterprise Linux 8.4
    • Red Hat Enterprise Linux 8.5

They also added support for Windows Server 2022 for Hyper-V to Azure replications.

This month’s update also addresses some of the restrictions and limitations that were present in the service. More specifically:

 

  • Retention points are now available for up to 15 days.
  • Replication can be enabled on Azure virtual machines via Azure Policy.
  • ZRS managed disks can be used when replicating Azure virtual machines.

 

These are in addition to the other bug fixes that were included. For more details, see “Details about the issues fixed” and get the download links.

 

Microsoft Defender for Identity


 

Starting this month, all the identity security posture management assessments that were accessible in Defender for Cloud Apps are now available in Secure Score, which can be accessed directly through Microsoft 365 Defender’s homepage at https://security.microsoft.com

 

Also, Microsoft Defender for Identity is now part of a new universal search feature launching in the Microsoft 365 Defender portal. Most of the products that contribute data and signal to Microsoft 365 Defender have a dedicated search function on their portal pages.

Starting this month, a convenient search bar at the top of the portal screen will allow security teams to look for any entity being monitored by Microsoft 365 Defender, be it identity, endpoint, Office 365 data, and more.

 

There are many more parts to these updates. If you need more info, check out this announcement.

 

MS Learn Module of the Week


 

 

Since we discussed Azure Bastion this month, we thought it would be a good idea to review the “Connect to virtual machines through the Azure portal by using Azure Bastion” Learn module.

 

With it, you will learn to deploy Azure Bastion, to securely connect to Azure virtual machines directly within the Azure portal, and to effectively replace an existing jumpbox solution.

 

You’ll also go through how to monitor remote sessions by using diagnostic logs, and manage remote sessions by disconnecting a user session.

 

Check it out!

 

Have a great weekend and we’ll see you online. Please do not hesitate to comment below. We would love your comments and suggestions.

 

Cheers!

 

Pierre

Last update: Feb 11 2022 06:37 AM