Posts

Showing posts from July, 2018

Configuring Virtual Machines using Azure Automation DSC

A few days ago, I published an article on how to apply a DSC configuration on an Azure Virtual machine. Although there's nothing wrong with publishing a configuration on an Azure Storage Account and having the machines apply it, there's a better way.

Azure offers a service called Automation Accounts, that among  other things, let's you publish configurations, register nodes in order to apply them and report on the node status. Let's see how to get it working!

We are going to need and Azure Automation Account to host the configurations, so let's create one:

PS C:\> New-AzureRmAutomationAccount -ResourceGroupName "Blog-DSC" `
                                     -Name "BlogDSCAutomationAccount" `
                                     -Plan Free `
                                     -Location WestEurope

SubscriptionId        : e******a-8**c-4**3-9**7-b**********9
ResourceGroupName     : Blog-DSC
AutomationAccountName : BlogDSCAutomationAccount
L…

Monitoring Microsoft SQL using OMS

Image
Moving on to the next article about Microsoft Operations Manager Suite, we're going to take a look on a solution for Microsoft SQL servers.
The SQL Health Check solution will provide useful information about the status of your SQL servers regarding security, compliance, availability, performance and many other aspects.
As you may see below, I have a lot of recommendations for my lab servers, including the accounts used by the SQL services, the performance of the tempdb and even the power settings on the servers!
Two of the below stand out, the suggestion to check the logins on the servers - since they are members of an availability group and missing logins can cause application downtime and the suggestion to limit the memory of the SQL server in order to avoid consuming memory needed by the operating system.

The solution also provides information about the upgrade and migration status, change management and operations and monitoring.

Here, I'm warned that Remote Desktop is no…

Assessing Security using OMS

Image
Having all this information such as application and security logs, installed updates and anti malware status on OMS, gives you the perfect opportunity to assess the security status of your organization and reduce your risk surface.

Fortunately, you don't have to write the queries yourself - although you could - since solutions that can produce security reports are just a few clicks away.

The "Security and Audit" solution performs multiple checks regarding update and anti malware status, applied security settings and even failed logon attempts. Below is a sample of the report:


The "Antimalware Assessment" solution is all about the health of your machines. It provides status reports, the threats that have been detected and the unprotected machines.


The above solutions, when combined, provide a full and detailed view on your organization's security status and give you the ability to tighten your overall security and discover trends and issues.

Related articles