Implement advanced monitoring for Azure OpenAI in Foundry Models through a gateway
Here is a snapshot of the same
Here is a snapshot of the same
Tuesday, December 23, 2025
Azure GenAI architecture
Things which we can enhance on this are
- Layers of governance (data,apps,compute,network and storage) that eould be great
- Plus integration of "piprline" and " quality gates testing" to make it more robust and self-healing
Tuesday, June 6, 2023
Microsoft Cybersecurity Reference Architectures
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟏
- 𝐈𝐝𝐞𝐧𝐭𝐢𝐭𝐲 𝐚𝐧𝐝
𝐀𝐜𝐜𝐞𝐬𝐬
o
Azure Active Directory:
Password-less & MFA, Hello for Business, Authenticator App, FIDO2 Keys,
Azure AD PIM, B2B & B2C. https://lnkd.in/grPgTT4R
o
Identity Protection:
Leaked Credential Protection. https://lnkd.in/gdgMJZNF
o
Identity Governance:
Identity, Access, and Privileged Access Lifecycle, Entitlement Management,
Access Requests, Workflow, Policy and Role Management, Governance Enforcement. https://lnkd.in/gbVEWcQs
o
Defender for Identity:
User Behavior and Activities, Investigate Alerts, AD FS Protection, Lateral
Movement Detection. https://lnkd.in/g53ave8s
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟐
- 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬
o
Microsoft 365 Defender:
Extended Detection and Response (#XDR). Endpoint, Office365, Identity, and more
https://lnkd.in/gXFnX2PQ
o
Defender for Cloud:
Cross Cloud XDR. https://lnkd.in/gZfP3QdF
o
Microsoft Sentinel:
Cloud Native SIEM, SOAR. https://lnkd.in/gnd-6c-u
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟑
- 𝐄𝐧𝐝𝐩𝐨𝐢𝐧𝐭 𝐚𝐧𝐝
𝐃𝐞𝐯𝐢𝐜𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
o
Microsoft Endpoint
Manager: Intune and Configuration Manager. https://lnkd.in/g4Vdfej2
o
Microsoft Defender for
Endpoint: https://lnkd.in/g3KPMPCx
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟒
- 𝐇𝐲𝐛𝐫𝐢𝐝 𝐈𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞
o
Defender for Cloud:
Cross Cloud XDR. https://lnkd.in/gZfP3QdF
o
Azure AD App Proxy:
Secure Remote Access. https://lnkd.in/g2DDNYUy
o
Azure Arc: Hybrid and
Multicloud Management. https://lnkd.in/gtaiiPgM
o
Azure Stack: Hybrid and
Edge Computing. https://lnkd.in/gvKNyKQD
o
Azure Firewall: https://lnkd.in/gVnVNJbB
o
Azure WAF: https://lnkd.in/gpQCgdNc
o
DDoS Protection: https://lnkd.in/gF796HMv
o
Azure Key Vault: https://lnkd.in/gqMuSJ4S
o
Azure Bastion: Secure
RDP/SSH, Secure VM. https://lnkd.in/gmdyEb5W
o
Azure Lighthouse: https://lnkd.in/gHHUVyJn
o
Azure Backup: https://lnkd.in/gzBpjFXs
o
Express Route: https://lnkd.in/gGBtuq5m
o
Private Link: https://lnkd.in/gzZVJ_gY
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟓
- 𝐈𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧
𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧
o
Microsoft Purview: https://lnkd.in/g289yg_D
o
Compliance Manager: https://lnkd.in/gprm3xD4
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟔
- 𝐏𝐞𝐨𝐩𝐥𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
o Attack Simulator: Simulation Training Platform. https://lnkd.in/g3xyhZff
o
Insider Risk Management:
https://lnkd.in/gfhxQEti
o
Communication
Compliance: https://lnkd.in/gKJd4HRm
· 𝐃𝐨𝐦𝐚𝐢𝐧 #𝟕
- 𝐈𝐨𝐓 𝐚𝐧𝐝 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥
𝐓𝐞𝐜𝐡𝐧𝐨𝐥𝐨𝐠𝐲
Azure
Sphere: IoT and OT Security Services. https://lnkd.in/gFMQRZB6
Azure Tips
Useful resources for Azure developers and architects! Microsoft Azure has unveiled the App Service Landing Zone Accelerator, an open-source collection of architectural guidance and reference implementation to accelerate the deployment of Azure App Service at scale. Whether you're building new applications in the cloud or looking to modernize your existing web apps, this accelerator provides a simple and robust starting point!
- 𝐒𝐞𝐜𝐮𝐫𝐞 𝐃𝐞𝐬𝐢𝐠𝐧 𝐏𝐫𝐢𝐧𝐜𝐢𝐩𝐥𝐞𝐬
- With the App Service Landing Zone Accelerator, you can implement a range of secure design principles to protect your apps and data.
- Use isolated network layers for the different components
- Use protected Azure Active Directory-based access via Managed Identity
- Use private endpoints for Azure services
- Use Network Security Groups to control inbound and outbound traffic at the subnet level
- Enable Standard DDoS Protection for the SPOKE
- 𝐂𝐨𝐦𝐩𝐫𝐞𝐡𝐞𝐧𝐬𝐢𝐯𝐞 𝐃𝐞𝐬𝐢𝐠𝐧 𝐀𝐫𝐞𝐚𝐬
The accelerator encompasses various design areas, covering critical aspects of your app's architecture.
- Identity and Access Management
- Network Topology and Connectivity
- Management and Monitoring
- Business Continuity and Disaster Recovery
- Security, Governance, and Compliance
- Application Automation and DevOps
- 𝐀𝐳𝐮𝐫𝐞 𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐬 𝐚𝐧𝐝 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐬
Within the App Service Landing Zone Accelerator, you'll leverage a range of Azure features and services to enhance your app development process.
- Azure Front Door
- Private Endpoints
- Azure private DNS
- Network Security Group
- Azure Key Vault
- Azure Active Directory
- Azure Monitor
- Virtual Network
- Azure App Service
- Azure Cache for Redis
- Azure SQL DB
- Azure App Configuration
Read More:
- App Service Landing Zone Accelerator on GitHub
- Keep improving your skill set with Microsoft Learn
I hope you find these resources helpful. Happy learning!
Saturday, October 22, 2022
An Event Aggregator acts as a single source of events for many objects. It registers for all the events of the many objects allowing clients to register with just the aggregator.
Benefits. Producers and consumers are decoupled. No point-to-point integrations. It's easy to add new consumers to the system
Here is the overall solution
How to Organize Events Flow in a Microservices Architecture
Numerous enterprise solutions based on the microservices architecture have an issue with generalizing event flow from different sources. A lot of solutions also have various providers, for example:
- Azure Service Bus
- Apache Kafka
- RabbitMQ
Here we need a component with the ability to join event publishers and event subscribers
Another example that follows this principle is Azure Event Grid
With the Event-Grid, you can join cloud resources that produce events (publishers) and resources that handle the events (subscribers).
Thursday, April 2, 2020
Trace the API call in Kibana (https://www.elastic.co/kibana)
- Once you log in to Kibana, there are 5 important sections:
- Filter: Enter your API URI ex: /rest/getstock
- Filter by Time: Filter search to a particular time or date range
- Filter by Time: Filter search to a particular time or date range
- Add Filter
- Different API Fields are useful for searching purposes
- Usecase 1: Search by http_status code
- Step 1: Select the correct time
on the top right.
- Step 2: Left pan select the "Http_status_code" and press "Search Icon". It will automatically be added to the Add Filter
- Step 1: Select the correct time
on the top right.
- Use case 2: Search by API_KE
- Step 1: Select the correct time on the top right.
- Step 2: Left pan select the "api_key" and press "Search Icon". It will automatically be added to the Add Filter
- Use case 3: After setting all the filters needed, you want to check more details of the API:
- Use Case 4: Want to show a visual representation of the error code. Let select http_status_code from the left pan and press "Visualize"
Saturday, January 25, 2020
API Proxy versus API Gateways
- API Proxy
A proxy, in its most basic form, is an intermediary acting on behalf of something else. Similar to the legal concept of a proxy, an API Proxy acts on behalf of the API instead of an individual. In more technical terms, an API Proxy decouples the frontend of the API from the backend services and filters all incoming and outgoing traffic. The decoupling of front-end and back-end services allows for changes to be made to backend services without disrupting the production API. The filtering of incoming and outgoing traffic allows for monitoring, basic forms of security, request routing, and protocol translation.
- Important Note
It is important to note that API Proxies require an existing API while some API Gateways can assist in building a new API.
- API Gateway
API Gateways function in a similar way but have a much more robust set of features. Gateways perform the same functions as API Proxies, decoupling the frontend and backend of the API, monitoring, basic security, request routing, and protocol translation, but can also provide:
- Advanced Security
- Composition
- Custom API
- Load Balancing
- Caching
- Request Shaping and Management
- Static Response Handling
- Throttling
- API Proxy versus API Gateway?
The use case for an API Proxy versus an API Gateway depends on what kinds of capabilities you require and where you are in the API Lifecycle. If you already have an existing API that doesn’t require the advanced capabilities that an API Gateway can offer than an API Proxy would be a recommended route. You can save valuable engineering bandwidth because proxies are much easier to maintain and you won’t suffer any negligible performance loss. If you need specific capabilities that a proxy doesn’t offer you could also develop an in-house layer to accommodate your use case. If you are earlier in the API lifecycle or need the extra features that an API Gateway can provide, then investing in one would pay dividends
- Notable API Gateways
https://www.axway.com/en/products/api-management/gateway
https://konghq.com/solutions/gateway/
https://aws.amazon.com/api-gateway/
https://azure.microsoft.com/en-us/services/api-management/
https://apigee.com/api-management/
https://github.com/Netflix/zuul
https://github.com/TykTechnologies/tyk
Subscribe to:
Comments
(
Atom
)