Category Network Security

Azure – AD Identity Protection

This feature looks to identify activity and assign a risk level. Risk detection and remediation”

All features look to be available in Azure AD Premium P2 and restricted number of features in Azure Premium P1 and Basic/Free.

Key differences are the notifications options only in Azure AD Premium P2.

There are three default polices

  1. User Risk
  2. Sign-In Risk
  3. MFA Registration

Example of the Identity Protection Policies

Reference How To Guides :

  1. How To: Configure the Azure Multi-Factor Authentication registration policy
  2. How To: Configure and enable risk policies
  3. How To : Identity protection configure notifications

AZURE – Control Storage Access by Networks

We have a storage account, “StorageV2 (general purpose v2)” and its can be accessed initially from all networks. We now want to restrict the storage access to an approved network location.

How?

Click on the storage account > Firewalls and virtual networks and click “selected networks”

You can allow access from virtual networks or allow access through the firewall. Example below adds a Virtual network name and an external IP range. Then click Save.