In my previous blog post, I demonstrate how to setup Azure Bastion with Global VNet peering. This blog post can access using this link. In there I used Azure PowerShell for the configuration. Some of the readers asked if it’s possible to set up similar using Azure Portal. Therefore, I am writing this blog post to demonstrate how we can set up Azure Bastion with VNet peering by using the…
If we need to access an Azure VM using RDP or SSH, most of the time we access it using the public IP address. In this way, the virtual machine will have a public IP address (static or dynamic) assigned to it, and RDP or SSH service ports will open to the internet via NSG. This method provides easy access but not a very secure method.
If we have VPN or Express Route connectivity to Azure, we can…
In my previous blog post, I explained how to set up sign-in risk-based Azure conditional access policy. This article can be accessed using this link. As I explained in the article, sign-in risk is calculating based on user access behavior. If the user access behavior is flagged as risky, most probably the user account is also compromised. Most of the time, these compromised accounts are sold or…
Some time ago I wrote an article about sign-in risk-based conditional access policies. But things have been changed over time and I thought it is time to update it with new content.
Let’s assume we have a web application that is published via the internet. To access the services, the user has to provide a user name and password. If one of the users’ accounts compromised, how the system…