Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 2 years ago.
Improve this question
We would like to secure the connection to the Azure Portal from home because we are login every day to Azure Portal with very high privileged accounts.
We have already activated the MFA but we are not sure if it ’s enough and would like to add more security.
Does Azure have any VPN or certificate to allow only our company computers to login to our Azure Portail?
I believe what you are looking for is Continuous access evaluation. With that your company can set it up so that only the IP addresses of the company owned computers are allowed to access the tenant. It is currently in public preview.
According to the announcement it looks like Azure is not available yet but is coming in the future.
Related
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 days ago.
Improve this question
I have an API Management instance provisioned, not within a virtual network (due to a cost constraint).
I am wanting to front API Management with Application Gateway to take advantage of the Web Application Firewall. Is this possible? I'm struggling to find any documentation that supports this (or similar) scenario.
I have routed traffic to a backend pool which points to the APIM FQDN to no success (502 errors).
APIM will use IP filtering to prevent non-AGW traffic from accessing the APIs.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I'd like to make a Microsoft Flow workflow in the cloud use an on-premises website.
I'm beginning to think it's not possible.
To begin testing, I setup a simple flow based on a recurrence.
Each recurrence, it tries to access a website on my local HTTP website on my domain using an HTTP step.
I've setup an on-premises data gateway on local machine and in the azure portal, but have no way of associating that with a flow or HTTP step.
Microsoft documentation says the data gateways don't support HTTPs traffic, so I made sure I had a working HTTP binding for the site.
I'm not sure if I could design a custom connector for HTTP or not. This is not a web api, this is just a standard unsecured website behind my firewall that has some company related data on it.
It seems to me like I shouldn't be the only one wanting to do this.
Any ideas?
Currently you cannot do that directly. How about exposing your on-premise HTTP Endpoint via Azure Relay or some other technology.
There is, however, an On-Premises Data Gateway for Microsoft Flow (which internally uses Azure Service Bus). This !! currently !! (2017-07-24) !! supports the following data sources:
SQL Server
SharePoint
Oracle
Informix
Filesystem
DB2
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
Will Azure Websites support virtual network in the future. To enable an Azure Website to connect to VM:s and Cloud Services using a local ip within Azure instead of needing to open up the servers and services to everyone by using the public IP.
Is that something that's actively being developed or is such a feature way into the future. Or both.
i think feature has been there for a while, please checkout below article
https://azure.microsoft.com/en-us/blog/azure-websites-virtual-network-integration/
Quote:
Azure Websites is happy to announce support for integration between
your Azure VNET and your Azure Websites. While you cannot place your
Azure Website in an Azure VNET, the Virtual Network feature grants
your website access to resources running your VNET. This includes
being able to access web services or databases running on your Azure
Virtual Machines. If your VNET is connected to your on premise network
with Site to Site VPN, then your Azure Website will now be able to
access on premise systems through the Azure Websites Virtual Network
feature. This feature is currently in Preview and will continue to be
improved on the road to GA.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am doing some preliminary research on Windows Azure. The idea is to move 200+ ASP classic websites to Windows Azure. I am wondering if this is possible and feasible? Can I host that many websites on a single VM? Also note that each website needs to have its own set of email addresses.
There's absolutely no reason why you couldn't host all those sites on Azure VM (assuming you're talking about the preview Virtual Machine functionality). You get your own isolated machine, with its own IIS and IP. What you put on it is up to you, but it's no different than getting a VPS from any other company (rackspace etc.).
Obviously this is assuming that your sites are not very resource heavy and the memory etc. you get with different VM sizes can support the use.
Marek's answer isn't wrong, but please don't use "Virtual Machines" for this, and instead use Cloud Services (specifically, a web role). A web role lets you deploy just your code (in this case: websites) without having to mess with managing a full VM.
In short, PaaS is better than IaaS, as long as your app fits the model (which IIS-based websites do in Windows Azure).
I don't know what "each website needs to have its own set of email addresses" means or how it relates.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I would like to limit access to my SQL Azure databases to only roles that are within the same subscription.
It seems the 'Allow other Windows Services to access this server' (0.0.0.0 - 0.0.0.0) rule would allow access attempts from any role within any subscription.
Is there currently any way to limit connection attempts to only my roles? If not what protection does SQL Azure offer against hostile roles?
Currently there is no way to limit connection attempts to only your roles. It's only a "normal" firewall which, when open for "other Windows Services" will open the 1433 port to all Azure services. No way to distinguish by role.
About the protection - I guess the only protection is the default SQL Server Authentication. I cannot say though if there is some auto blocking mechanism for too many wrong password attempts.
Something else - when you create a server, you have a unique server name, which is unique to your account and not other. So in order for the "hostile role" to begin attempting connect to your server, it must first discover your server name. Then your administrator user (which is something you create) or a valid login.