Jack-Blog

I.T Professional Web site

Azure Getting Started via PowerShell

PowerShell

Everything after a “#” pound sign is a not and can be ignored; no need to paste that into the PowerShell windows.

Run PowerShell as an Administrator

Allows you to run administrative commands [sometimes needed to install modules]

Start – Type PowerShell – Right-click, run as administrator    # see also

Install Azure RM Modules

Give you the ability to run Azure commands in PowerShell.  # see also  #Prior to Windows 10, you will need to download and install Azure PowerShell;  from the Azure downloads page Command Line Tools (Windows Install) .

Install-module AzureRM    # Add AzureRM

Install-module AzureRM.storage     # Add Azure Storage

Get-Module -ListAvailable AzureRM*   # Show available AzureRM modules

Authenticate to Azure

Connect to Azure      # see also

Login-AzureRmAccount

Change Default Subscription

# see also

Get-AzureRMSubscription  # List available subscriptions
Select-AzureRmSubscription –SubscriptionID “SubscriptonID”  # Copy SubscriptionID of the subscription from the SubscriptionList
Set-AzureRmContext -SubscriptionID “SubscriptionID” # Copy SubscriptionID of the subscription from the SubscriptionList

Change Default Subscription via GUI (popup box)

# Select Subscription via popup list  # see also 

#Pop-up Box with list of subscriptions; return selected subscription

$MySubscription = (Get-AzureRmSubscription | Out-GridView -Title “Select an Azure Subscription …” -PassThru)
$subscriptionId = $mySubscription.SubscriptionId   # Set a variable for SubscriptionID
$SubscriptionName = $mySubscription.SubscriptionName  #Set a variable for SubscriptionName
Select-AzureRmSubscription -SubscriptionId $SubscriptionId   # Set Default Subscription
Set-AzureRmContext -SubscriptionID $subscriptionId                 # Set Default Context
Write-Host “Subscription: $SubscriptionName [ID: $subscriptionId  ]” -ForegroundColor Green    # Show the new default subscription

get-AzureRMContext  #Display Current Subscription

Give Users Access to a Subscription

# Assumptions: Login to Azure; Default Subscription set; You are the owner of a subscription

Coming Soon…. NOT FINISHED OR TESTED…. Need to add more documentation

#Search for an Azure Group By Name
#Get-AzureRmADgroup -SearchString “group  name”    # Optional: if needed   
#Get-AzureRmADServicePrincipal -SearchString “service name”   # Optional: if needed
Get-AzureRmRoleDefinition |format-table ID, Name, Description   # List existing Role Definitions
#Get the OjectID of the user by name
$User=Get-AzureRmAdUser -SearchString “Dan Stolts”    # Get ObjectID for a particular user (by name)
$User      # Display list of users
Get-AzureRmAdUser -UserPrincipalName “[email protected]
$User=Get-AzureRmAdUser -UserPrincipalName “Dan Stolts”    # Get ObjectID for a particular user (by name)

$User.UserPrincipalName
Get-AzureRmSubscription # List avaialble subscriptions

# Set the permission for the user
# Syntax: New-AzureRmRoleAssignment -ObjectId <application id> -RoleDefinitionName <role name> -Scope <subscription id>
# Example:New-AzureRmRoleAssignment -ObjectId “81f4a203-9950-4f4d-9a5d-12e3b45d67f8”  -RoleDefinitionName “Owner” -Scope “1942a221-7d86-4e10-9e4b-a5bc2688651d”
New-AzureRmRoleAssignment -ObjectId “UserID”  -RoleDefinitionName “Role” -Scope “SubscriptionID”

New-AzureRmRoleAssignment -ObjectId <application id> -RoleDefinitionName <role name> -Scope <subscription id>

Equinix Wants to Do to Data Center Connectivity What AWS Did to Computing

New Cloud Exchange Fabric uses SDN to shrink interconnection lead times from months to minutes

Equinix has created an empire by building data center hubs where companies can interconnect their networks – nerve centers of the internet and private corporate networks. In many places around the world, an Equinix facility is where a single customer can access an unrivaled amount of carriers, cloud companies, CDNs, and all other types of service providers who help ensure their applications or content reaches their intended end users.

And while simply being inside such a nerve center already makes a network architect’s life easier (because they can reach all the networks they need from one place), turning every link up is still a complicated and lengthy process. After the client has negotiated the terms and signed a contract with the service provider, the data center company provisions a physical interconnect, and it may take days, weeks, and sometimes months, for the link to go live.

Related: Digital Realty Challenges Equinix With Cloud Connectivity Platform

In today’s world, where customers can launch cloud servers almost instantly, and where applications are so highly distributed that companies need to interconnect with more networks and in more places than ever, those lengthy connection provisioning lead times have become a problem. It’s a problem a handful of startups recently formed to address, and it’s a problem Equinix itself is hoping to solve for its customers with a new service it announced today.

The service is called Equinix Cloud Exchange Fabric, and it aims to do to connection provisioning what Amazon Web Services did to installing servers in a data center. Using new software-defined networking capabilities in the previously existing Equinix Cloud Exchange platform, customers can choose the network they want to connect to, make a few mouse clicks, and have the link up and running in a few minutes, James Staten, Equinix’s global head of market development, said in an interview with Data Center Knowledge.

Related: Equinix Positioning for “Next Wave” of Cloud Data Center Deployments

Like they do for cloud infrastructure services, customers pay only for the amount of time they use the Exchange Fabric. A basic 5 megabit connection from Silicon Valley to Ashburn, for example, would cost about $350 per month, he said. Inside a single data center, a 5 megabit link will cost about $150 per month. The price goes up the more bandwidth you use and the longer distance your traffic needs to traverse.

Not only does it make network interconnection within a single facility faster and easier, it does the same for linking network nodes that sit in different cities and in different metro areas. Instead of setting up an agreement with AT&T, for example, to carry traffic between your storage cluster in Dallas and your cloud servers in Ashburn, you make a few selections through Equinix’s online portal (or your own interface that uses Equinix’s API), and Equinix handles the rest.

“It’s that facility-to-facility, metro-to-metro [connectivity] that’s really interesting and powerful,” Eric Hanselman, chief analyst at 451 Research, said, commenting on the announcement. “The challenge right now is that for existing companies to be able to construct connectivity even facility to facility is relatively complex.”

Enabling Edge Strategies for IoT

Staten anticipates the most common use cases for the new service will be Internet of Things applications: connecting data sources, such as sensor-bearing equipment or connected cars, to cloud service providers and Equinix enterprise customers’ own systems.

Manufacturers need to collect data from their products in every metro those products are sold into for quick analysis. They don’t usually do analytics in-house, so they need to connect to cloud services like Salesforce, AWS, or Microsoft Azure in those metros, he explained. Hypothetically, data from GM vehicles on the road in Dallas would be aggregated in an Equinix data center in the Dallas-Fort Worth metro, where it would be ingested by a cloud provider for analytics. Some data would then travel back to the vehicles and some would end up on GMs servers, either in the same Equinix data center or elsewhere.

Other potential use cases include movie studios, which nowadays can use dozens of contractors around the world to make a movie happen. They use private interconnection to ship content from contractor to contractor during the production process, when security and performance are essential, Staten said.

Financial services companies need to connect not just to exchanges but to all other players in the ecosystem; healthcare organizations make extensive use of private connectivity because of the strict privacy rules they have to comply with; and any company that needs to connect to devices at the edge of its network, be it to support mobile apps for its employees or for its customers, should be able to use the new Equinix service as part of that edge connectivity strategy, he said.

New Channel for Carriers

For now, the service is available for interconnecting data centers in nine markets within North America and 11 within Europe, with more locations on the way. Similar capabilities are slated to become available in Asia and Latin America next year, and eventually, Equinix wants to enable the same easy interconnection provisioning across countries and across continents.

While at first glance the offering may appear to compete with the likes of AT&T, Verizon, Comcast, and other service providers whose presence in Equinix facilities is what makes those facilities attractive to other customers in the first place, it actually makes those carriers’ services easier to consume. “It can actually be a plus for the network operators,” Hanselman said. “Equinix simply becomes a channel” for their products. Some of them are already using the new capability to extend their geographic reach, according to Staten.

The service does compete more directly with companies like Megaport and Epsilon Telecommunications, whose business models are centered on making network interconnection easier by using SDN technology. There is still value to Brisbane, Australia-based Megaport’s platform, which is focused on interconnection between facilities via Wide Area Networks than on intra-facility LAN links, and which links to many more data center providers than just Equinix, users who have no need to step out of the Equinix ecosystem may no longer be reachable for the startup. Similarly, Equinix’s new offering competes with only a part of the value proposition of Epsilon, which provides full solutions, including connectivity to branch offices and as far out to the edge as home workers.

The Equinix Cloud Exchange Fabric makes life easier for network architects by giving them an easier way to connect to service providers, partners, and clients while giving carriers a powerful channel partner and a platform that makes their services easier to buy, but at the end of the day, the biggest winner here is Equinix, which by enabling easier interconnection makes its facilities both more desirable and more “sticky” for its customers.

“All of this is helping to go feed a greater motivation to move into collocated facilities in some form or fashion,” Hanselman said.

3 Tips to Secure Your Office 365 Instance Against Hackers

Hacker – a word that conjures up images of a man in a baseball cap, alone in a dark room, surrounded by machines and blinking lights, out to spread chaos around the universe. While this image is often inaccurate – hackers can be anyone, anywhere, with any device – the threat is very real. You know the danger exists, but how can you protect yourself and your data from a threat that seems invisible and undetectable?

 

Interested in taking your client’s Office 365 security to the next level? Contact us and get an Office Protect free trial.

 

You really can’t on your own. Fortunately, if you use Office 365, the solution has three ways to protect your business from cyberattacks.

 

Tip #1: Stop Hackers in Their Tracks

The first goal of any data security feature is to act as a strong perimeter. Office 365 is no different and has taken many measures to ensure no unverified users can get into your system.

 

Multi-Factor Authentication

Passwords are easily compromised. Employees might choose an easy-to-guess password that they can remember, or keep all of their files in a Word document on their desktop. Some employees might even write their password on a piece of tape and stick it to the bottom of their computer

Multi-Factor Authentication (MFA) realizes this weakness and adds another level of security to the log-in process. In addition to having a password, a user must also verify their identity with a device they have, most commonly a mobile phone.

This basic two-factor authentication program comes with Office 365, but if you need something even more secure for your business, they offer a higher-level plan as well.

 

Azure Identity Protection

Identity Protection learns your habits to flag unusual activities. For example, if you log in from a different source than usual, or try to log in multiple times, the system will send you an alert and ask for additional authentication methods.

Most of us have experienced this when we use a different machine, or log on to a coffee shop’s internet. Some find it to be a nuisance, but in reality, it is an effective method to stop hackers in their tracks. Without it, you may not know you are under attack until it is too late.

 

Ransomware Prevention

Unfortunately, ransomware has seen a lot of headlines in recent months. This particularly unpleasant attack usually involves a hacker accessing data and then locking the business out of their own system, demanding thousands of dollars in Bitcoin payments before they will release the data. Some larger enterprises have even encountered and endured threats of releasing private customer data online if they do not pay the ransom.

However, this isn’t just a big business problem. Office 365 has recently taken steps to prevent ransomware attacks for all of their customers.

Their new security feature detects ransomware attacks and will send you an alert via email, desktop, or phone to let you know of a possible attack. It even walks you through the steps to restore your system to a point before it was compromised.

 

Link Checking in MS Office

Everyone has had a moment when you click on a link without thinking about it. Important questions like, “What is this link’s source?”, “Is it safe?” or “Could it contain a virus?” often do not occur to us when we’re hurried or looking through many documents. Fortunately, Office 365 thinks about this for you with advanced link checking in Word, Excel, and PowerPoint that will alert you of any suspicious links before your computer gets to the corrupted site.

 

Encrypted Email

This one is pretty simple – with end-to-end encryption for all email, you can ensure that no one intercepts or receives your communications except for the intended recipients.

 

Tip #2: Get Control Over Your Data

One of the best ways to prevent hacking is to make sure you maintain control over your data at all times. Only you should determine who can access your most important assets.

 

Privileged Identity Management

One of the most devastating attacks is one where an administrative account is breached, so naturally, you will want to limit the number of admin accounts that are given out. However, this can create difficulties when users need an admin account to complete a particular task.

Privileged Identity Management solves this by allowing you to create temporary admins for a designated amount of time. Users on a list of “eligible admins” can request temporary access for certain tasks, and their admin status will be revoked after the work is completed. You can even control what sort of information these eligible admins must provide to grant access.

 

Mobile Device Management

The modern employee often checks email and performs other work tasks on many different devices that may or may not be company-sanctioned and controlled. Mobile Device Management gives you the ability to protect your data even on devices that are personally owned by your employees.

 

Data Sharing Prevention

Not all threats come from outside your organization. Office 365 has two measures to protect your data from threats inside your organization as well, whether it be accidental or malicious. Password Protected Sharing Links lets you set passwords for certain shared folders and files to prevent unauthorized access, and Prevent Forwarding allows you to restrict recipients from forwarding or copying any emails you do not want others seeing.

 

Tip #3: Get Better Visibility

Knowledge truly is power. If you can see a hole in your perimeter, you will know where to patch it. If the hole remains undiscovered, someone can get in. Office 365 has features both to help you find gaps in your system and fix them before something can happen, and to repair your system just in case something does happen.

 

Secure Score Check

This feature allows you to get an overall view of how secure your data is with just a click of a button. Office 365 will assess what security features you are and are not using, find weak links in your system, and suggest ways to improve your overall security score.

 

File Restore

But what if all of this is not enough? Nothing is entirely hacker-proof, right? This is an unfortunate truth of the technological age. Knowing this, Office 365 has a full file restore feature so even if someone destroys, deletes, or locks you out of your data, or even in the event of a natural disaster, all your data can be restored and your business can stay up and running.

 

How Office Protect Can Help You

Does all of this sound like a lot to keep up with? You definitely want to keep your business secure, but keeping track of all of these features can be challenging. How would you even know if something happened?

Office Protect is here to help. You can manage everything from one pane of glass in an easy to understand interface. Any unusual activity will trigger an alert that you can investigate, and it even generates reports for you to examine and gain valuable insight into the security of your organization.

Want to know more about how Office Protect can keep security simple? Contact your SherWeb representative today.

Powered by WordPress & Theme by Anders Norén

Translate »