Thomas Thornton
Currently a Senior Infrastructure Engineer in the Kainos Ops Capability
Thomas' Posts
Securing your secrets using Azure Key Vault and Virtual Machine Managed Identity
25 January 2019 | Posted by Thomas Thornton

In my previous blog I gave an overview of Azure Managed Identity, specifically around virtual machines and managed identities. In this, I will be detailing the process of implementing a secure use of Key Vault with this virtual machine and how Identity Management can be used to retrieve secrets. There are two types of managed identities. I…

Azure Managed Identities
23 January 2019 | Posted by Thomas Thornton

Keeping credentials safe and secure has always been a priority, even more so when in the cloud – quite a potential challenge within your application, virtual machine or requirements to authenticate to additional cloud services. Within Microsoft Azure, using managed identities is one of the security precautions that can assist you with the above! Overview…

Azure Action Groups – What are they?
21 January 2019 | Posted by Thomas Thornton

Action Groups within Azure are a group of notification preferences and/or actions which are used by both Azure Monitor and service alerts. They can be defined in various ways depending on the environment you are working on, whether one action group is used for all alerts or action groups are split into different alerting scenarios….

Azure Network Security Groups: 10 suggestions for best practice!
18 January 2019 | Posted by Thomas Thornton

As mentioned in a previous blog – NSG’s control access by permitting or denying network traffic in a number of ways, whether it be:- Communication between different workloads on a vNET Network connectivity from on-site environment into Azure Direct internet connection 1. One NSG to rule them all Do you really need a NSG per subnet? Or even,…

Microsoft Future Decoded 2018
AI and how maximising that opportunity, could shape technology into an even better place!
08 November 2018 | Posted by Thomas Thornton

Looking back at my two days at Microsoft’s Future Decoded event.

Azure Gateway VPN & Custom Routing via Third-Party Firewall Appliance
01 November 2018 | Posted by Thomas Thornton

Within your Azure Virtual Network (vNET) you may require connectivity from an additional source, options available include:- vNET Peer VPN Gateway ExpressRoute Gateway vNET Peer Common connection method for theoretically peering onto another Azure vNET, routing is done via the the Microsoft backbone and to the end user it will look like an extension of…

Microsoft Azure: NSGs & ASGs Simplified
25 October 2018 | Posted by Thomas Thornton

NSG’s (Network Security Group) & ASG’s (Application Security Group) are the main Azure Resources that are used to administrate and control network traffic within a virtual network (vNET). The difference Network Security Group is the Azure Resource that you will use to enforce and control the network traffic with, whereas Application Security Group is an…

Microsoft Azure:- Using PowerBI to visualise NSG flow logs
24 October 2018 | Posted by Thomas Thornton

Microsoft PowerBI is a suite of business analytic tools developed by Microsoft that works together to turn unrelated sources of data into coherent, visually immersive, and interactive insights – in theory, taking a dump of data and making it rather colourful and useful? How could I say no! Go from data to insights in minutes….