Penetration Testing improved in Azure

January 30, 2015

Hey Microsoft conducts regular penetration testing to improve Azure security controls and processes. security assessment is also an important part of our customers' application development and deployment. Therefore, Microsoft have established a policy for customers to carry out authorized penetration testing on their applications hosted in Azure. Because such testing can be indistinguishable from a real attack, it is critical that customers conduct penetration testing only after obtaining approval in advance from Azure Customer Support. Penetration testing must be conducted in accordance with Microsoft terms and conditions. Requests for penetration testing should be submitted with a minimum of 7-day advanced notice. To...
tags:
no comments

Protocols Supported by Azure Active Directory

January 22, 2015

Hey, Building Applications which protected by Azure Active Directory Provides a supported protocols: WS-Federation – This is arguably one of the most well-known and used protocol today for authenticating users of web applications. Microsoft uses it when authenticating users for some of their own cloud applications, such as the Microsoft Azure Management portal, Office 365, Dynamics CRM Online, and more. There is great tooling support in Visual Studio 2010, 2012, and 2013 for this protocol making it very easy for developers to protect their applications using Azure Active Directory. The token format used in this protocol is SAML. SAML-P – This is also a widely...
tags:
no comments

Securing the Microsoft Cloud

January 16, 2015

Microsoft recognizes that trust is necessary for organizations and consumers to fully embrace and benefit from cloud services. We are committed to providing customers the information they need to have confidence in Microsoft as their preferred cloud provider. Although the cloud can be abstract, our security policies and practices are not. They are based on leading industry standards and years of experience.   I Recommend to follow the paper below: Securing the Microsoft Cloud      
tags:
no comments

Access Control in Azure Active Directory

January 11, 2015

In Microsoft Azure Active Directory, Access Control is an effective Feature that takes an Integral part in Trust relationships.         A rule group is a named set of claim rules that define which identity claims are passed from identity Providers to your relying party application.       When ACS receives a token request or a token from an identity provider, it runs through all of the rule groups associated with the relying party application to process the claims in the token.           We can create and edit rule groups and rules either manually, Using the ACS Management Portal or programmatically, Using the ACS Management Service.      
tags:
one comment

Network Security Groups in Azure

January 8, 2015

Hey Recently I took part in a project on Azure Cloud Services infrastructure, using a Network Security Group (NSG) for Access Control Rules that allow & deny traffic to VM instances in each Environment. I recommend to read the following article below: http://msdn.microsoft.com/en-us/library/azure/dn848316.aspx
tags:
no comments

Trust between FAST Sharepoint Server and FAST Search Server for Sharepoint Server

January 4, 2015

Generating Key for Secure Store Service Application Open Sharepoint Management Shell ,Run the following commands to export: $stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigninCertificate $stsCert.Export(“cert”) | Set-Content –encoding byte SP_STS.cer 2. The file SP_STS.cer is created in the same directory from where the command was executed. C:\Users\OWNUser 3. Copy SPS_STS.cer to the directory FASTSearch to the FAST Search Server for SharePoint node  and copy the file to from C:\Users\OWNuser to c:\FASTSearch\ . 4. Import Certificate to publishing farm Open Windows PowerShell and Run the following commands: Type: cd c:\FASTSearch\installer\scripts .\InstallSTSCertificateForClaims.ps1 certPath c:\FASTSearch\MOSS_STS.cer 4.copy the pfx file from c:\FASTSearch\data\data_security\cert to the SharePoint Server, in this case, just to the root of c:\ You will also...
tags:
no comments