AWS Backups richtlinienbasierte Datensicherungsfunktionen sind jetzt für Amazon FSx in der AWS-Region Asien-Pazifik (Osaka) verfügbar. Sie können jetzt AWS Backup verwenden, um die Sicherung und Wiederherstellung Ihrer in Amazon FSx gespeicherten Anwendungsdaten zusammen mit anderen AWS-Services für Computing, Speicher und Datenbanken in der Region Osaka zentral zu automatisieren.
Quelle: aws.amazon.com
Der Ford Mustang Mach-E kann nach einem Update den Akku schneller laden. Zudem bietet das Elektroauto eine höhere Anhängelast. (Ford Mustang, Elektroauto)
Quelle: Golem
Viele Köche verderben den Brei? Mag sein, aber viele Stephen Stranges sorgen in Doctor Strange in The Multiverse of Madness für gute Unterhaltung. Eine Rezension von Peter Osteried (Marvel, Disney)
Quelle: Golem
Die Abozahlen von Paramount+ werden dieses Jahr weiter steigen, denn das Streamingabo kommt unter anderem nach Deutschland. (Paramount+, Disney)
Quelle: Golem
E-Mail-Clients gibt es viele, als Open-Source-App für Android aber nur wenige. Thunderbird will das ändern. (Thunderbird, E-Mail)
Quelle: Golem
Raphael für Desktops, dazu Dragon Range und Phoenix für Laptops: AMD plant ein breites Portfolio an Zen-4-basierten Ryzen mit DDR5-Speicher. (AMD Zen, Prozessor)
Quelle: Golem
Threat intelligence at scale!
Changes to how we work and operate our businesses have driven every company to now be a digital company. This acceleration in digital transformation has also led to a rise in security risks. Cyberattacks are becoming more common and advanced with growing attack surfaces due to the proliferation of mobile and IoT devices and increasing cloud adoption. Basic protection measures are no longer sufficient as new attack vectors have emerged and attacks have become more sophisticated with automated and large-scale attacks. To help our customers address these security challenges, we have been evolving Azure Web Application Firewall (Azure WAF), our cloud-native, self-managed security service to protect your applications and APIs running in Azure or anywhere else—from the network edge to the cloud.
A quick primer on Azure WAF
We offer two options—global and regional—for deploying Azure WAF for your applications and APIs.
Global WAF: Azure WAF attaches to Azure Front Door, our native, modern cloud content delivery network (CDN), to provide global application acceleration and intelligent security at scale. Azure WAF stops the security attacks at the network edge closer to the source of attack with over hundreds of edge locations around the world.
Regional WAF: Azure WAF attaches to Azure Application Gateway, a highly scalable, web application regional load balancer running in a virtual network. It manages traffic for both internal and external websites and provides application protection in over 60 Azure regions worldwide.
What’s changed?
We are excited to share recent updates and announce many new features that will offer customers better security, improved scale, easier deployment, and better management of their applications.
Application and API protection
Improved security posture with new rulesets: On March 29, we announced the general availability of Managed Default Rule Set 2.0 (DRS 2.0) integrated with Azure Front Door Premium tier. DRS 2.0 includes the latest Microsoft proprietary rules authored by Microsoft Threat Intelligence. Today, on regional WAF attached to Azure Application Gateway, we are excited to announce the general availability of Open Web Application Security Project (OWASP) ModSecurity Core Rule Set 3.2 (CRS 3.2). These updated rulesets provide increased coverage for web vulnerabilities, reduce false positives, and protect against specific vulnerabilities, like Log4J and SpringShell CVEs.
Anomaly scoring with reduced false positives: Like regional WAF, we also introduced anomaly scoring with DRS 2.0 on global WAF which drastically helps reduce false positives for customer applications. In anomaly scoring mode, when an incoming request violates WAF rule, it is assigned an anomaly score based on the severity of the rule, and an action is taken only when the anomaly score reaches a threshold.
Increased size limits: With CRS 3.2, regional WAF can now support request body size inspection up to 2MB and file upload size up to 4GB.
API security: With DRS 2.0, global WAF now also supports XML and JSON content types that allow request inspection to secure inbound traffic. Azure WAF on Azure Front Door and Azure Application Gateway seamlessly integrates with Azure API Management to provide advanced API management and security features.
Advanced customization with per rule exclusions: As in global WAF, today we are also introducing per rule exclusions with CRS 3.2 on regional WAF with Application Gateway. Exclusions allow you to override WAF engine behavior by specifying certain request attributes to omit from rule evaluation. In addition, we now allow attribute exclusions definitions by name or value of header, cookies, and arguments. Exclusions can be applied to a rule, set of rules, rule group, or globally for the entire ruleset, providing increased flexibility to help reduce false positives and meet application-specific requirements. This feature is currently available via Azure Resource Manager, PowerShell, CLI, and SDK. Azure portal integration will be available soon.
Bot protection
Bots have become an essential part of our customer’s digital footprint, helping to automate and perform key functions. However, attackers are increasingly taking advantage of this by manipulating bots to carry out malicious tasks. We’re continuously improving our platform capabilities to better protect against bot attacks—bot protection with Bot Manager 1.0 ruleset is available through integration with the Azure Front Door Premium tier. Our bot detection and protection rules are based on Microsoft Threat Intelligence and support bot classification for good, bad, and unknown bots. Bad bots include bots from malicious IP addresses or bots that have falsified identities. The malicious IPs are provided by Microsoft’s Threat Intelligence feed, which is based on feeds from external providers and internal threat intel. For good bots, WAF uses reverse DNS lookups to validate if the user-agent and IP address range match what the agent claims it to be. Bot signatures are dynamically managed and automatically updated by WAF when new threat actors are detected.
Performance and scale with the next generation of WAF engine
We are excited to announce the general availability of our next-generation WAF engine on Azure Application Gateway. The new WAF engine, released with CRS 3.2, is a high-performance, scalable Microsoft proprietary engine and has significant improvements over the previous WAF engine.
Benefits of the new Azure WAF engine include:
Improved performance: In our test lab, the new engine resulted in significant reduction in WAF latencies when compared with the previous version of engine. We also observed significant reduction in P99 tail latencies with up to ~8 times in processing POST requests and ~4 times reduction processing GET requests.
Increased scale: Our next-gen engine can scale up to 8 times more RPS using the same compute power and has the ability to process 16 times larger request sizes (now up to 2MB request size), which was not possible earlier with the previous engine.
Better protection: New redesigned engine with efficient regex processing offers better protection against RegEx DoS attacks.
Richer feature set: The new engine is available with the CRS 3.2 version. New features and future enhancements will only be available through the new engine and the later versions of CRS. Customers are strongly encouraged to move to CRS 3.2 version. We are in the process of phasing out CRS 2.2.9 and will stop onboarding new customers on the older CRS 2.2.9 version. Existing customers on CRS 2.2.9 will continue to be supported.
To learn more about the new engine, see WAF engine documentation.
Management and monitoring
Native consistent experience with WAF policy: Application Gateways WAF v2 now natively utilizes regional WAF policy instead of config by default, removing the need for the legacy WAF config experience on Azure Application Gateway. All the latest features and future enhancements will be available via WAF policies. Application Gateway configuration continues to be supported for existing deployments of v1 and v2 SKUs, but customers are strongly encouraged to migrate to Application Gateway v2 with WAF policies that offer a richer feature set and improved experiences at no additional cost. Azure policies can be shared across multiple application gateway deployments, simplifying the management experience. With Azure policy, customers can easily automate deployment and provisioning of applications using DevOps and APIs friendly tools—Azure Resource Manager, REST API, PowerShell, CLI, and Terraform.
Advanced analytics capabilities: You can now access new Azure Monitor metrics on regional WAF for more effective monitoring, troubleshooting, and debugging. Azure Monitor logs and metrics for WAF can be streamed to a central log platform for advanced log analytics and are further consumed by Microsoft Sentinel and Microsoft Defender for Cloud for security monitoring and alerting. Microsoft Sentinel integration allows security analysts to analyze and correlate data from other sources, detect threats, and automate incidence response. For example, we recently released Sentinel hunting queries to detect and respond to zero-day critical vulnerabilities like—Log4J Sentinel hunting queries and SpringShell Sentinel hunting queries.
Built-in security reports: Security reports on Azure Front Door provide powerful visualization of WAF patterns, trends by action, and events by rule types and rule groups. Security threat analysts can view breakdown top events by different dimensions like IP, country, URL, hostname, and user-agent for threat analysis.
Improved manageability: Azure WAF integration with Azure Firewall Manager is coming soon. With this integration, customers will be able to manage WAF policies at scale for applications hosted on Azure Front Door and Azure Application Gateway platforms.
Get started and share your feedback
You can try Azure WAF with Azure Application Gateway and Azure Front Door today. Visit Azure WAF documentation to learn more. As we continue to enhance the Azure WAF offering, we would love to hear your feedback. Post your ideas and suggestions on the networking community page or email us at azurewaf@microsoft.com.
Stay safe!
Quelle: Azure
This blog post has been co-authored by Isabelle Morris, Program Manager, Azure Networking
As organizations move their mission-critical workloads to the cloud, connecting to virtual machines (VMs) directly over the public internet is becoming more of a security risk. The more public IP addresses a customer has attached to VMs in their virtual network, the larger their attack surface becomes and the more vulnerable they are to security threats. The more secure alternative is to deploy a managed jumpbox service that reduces the number of public entry points to a customer’s resources in the cloud. The ideal managed jumpbox service should prioritize both security and flexibility to choose how you connect to your resources. Azure Bastion, Azure’s managed jumpbox service, now provides customers with the ability to customize their connection experience to use a native client of their choice.
Azure Bastion overview
Azure Bastion is a fully managed jumpbox-as-a-service that provides secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to your VMs in local or peered virtual networks. Azure Bastion provides connectivity directly from the Azure portal using Transport Layer Security (TLS). With Azure Bastion, your VMs do not need a public IP address, protecting your virtual machines from exposing RDP and SSH ports to threats on the public internet, while still providing secure access using RDP and SSH. With native client support available on the Standard SKU for Azure Bastion, you now unlock customizable features and added functionality in your VM sessions.
More flexibility to choose how you connect to your VMs
The primary way to connect to your VMs using Azure Bastion is through a quick and simple experience in the Azure portal. Users and administrators can navigate to their Azure VM in the portal and then open a web-based VM session using Azure Bastion. This experience eliminates the need to download any clients, agents, or configure files prior to accessing the VM.
Some customers value integration with existing and familiar processes. With the support for native clients on Azure Bastion, these customers can use command-line based access and a native client of their choice to reach their target VMs. This allows them to use Azure Bastion with a more accessible or familiar user interface, and to integrate connectivity to VMs via the service into their existing scripts.
Native client support offers three Azure CLI commands: az network bastion rdp, az network bastion ssh, and az network bastion tunnel. The az network bastion rdp command and az network bastion ssh enable connectivity to the target VM directly and use the clients mstsc and az ssh respectively. Meanwhile, the az network bastion tunnel command allows more flexibility by establishing a tunnel to the target VM on a specific port, and then allowing the user to connect to the VM using a custom client and the specified port.
Customers now can choose how they connect to their VMs via Azure Bastion—a simple, quick web-based experience or an integrated and customizable experience using a native client.
Simplify your login experience with Azure AD-based authentication
Azure Bastion native client support also unlocks an additional authentication option for users. With the az network bastion rdp and az network bastion ssh commands, users can use their Azure Active Directory (Azure AD) account to access their VMs. Using Azure AD for authentication provides enhanced identity security in conjunction with Azure Bastion’s existing networking security by eliminating the need to manage local VM credentials. For SSH, the Azure AD authentication also simplifies the connect experience by using the credentials the user has already provided to log into Azure CLI and taking them directly to their VM session.
File upload and download to a VM using a native client
Azure Bastion now supports file transfer between your target VM and local computer using Azure Bastion and a native RDP or SSH client. To both upload and download files, users must use the Windows native client on a Windows machine and the az network bastion rdp command. With RDP, users can easily transfer files between their target VM and local Windows machine in just a few clicks. For customers using non-Windows native clients or SSH, the az network bastion tunnel command supports file upload from your local computer to target VM. Third-party clients may also support file download for these scenarios.
Take advantage of native client support for your VM sessions
To learn more about native client support on Azure Bastion, refer to the Connect to a VM using a native client and Azure Bastion documentation. You can also follow our step-by-step guide on transferring files in the Upload or download files using a native client connection documentation.
Quelle: Azure
Vor der Hauptversammlung des Mobilfunkproviders findet der scheidende Aufsichtsratschef Helmut Thoma sehr deutlich Worte für die Konzernführung von Freenet. (Freenet, Mobilcom)
Quelle: Golem
Elektrische Dienst- und Firmenwagen sollen nach einem Gesetzesentwurf massiv gefördert werden, Plugin-Hybride nicht. (Elektroauto, Technologie)
Quelle: Golem
