Hey, everyone, and welcome back to another edition of Wired for Hybrid. In this episode, we are going to review what's new in Azure Networking. We're looking at what was released and what became GA and Mike is taking the elevator to the basement that looks like. Oh, just getting right here in the studio here. Hey, there we go. There you are. It's just like all of a sudden it's like, oh, we should have done that during the spacer. That's OK. That's funny. All right. So we have a few GAs and a couple of previews, I think, sprinkled in there for a good measure. So, Michael, what do you got for us this month? Pierre, what do I have for you? So first thing off the bat is generally available. We have Gateway Load Balancer IPv6 support. So what this brings to us now we support IPv6 traffic so you can use this when you're using Gateway Load Balancer with your dual stack application. So just as a refresher so everybody knows and if you want a bigger refresher, check out Mahip and Pierre did a great deep dive on Gateway Load Balancer recently. Gateway Load Balancer is a SKU of Azure Load Balancer that you use in scenarios where you have a third party network virtual appliance that sits in the middle of your traffic coming in and your traffic going to your application. So it could be something like filtering web traffic. So you've got an NVA sitting there that your traffic goes into that. Then that Gateway Load Balancer and then Load Balancer sends it to the customer application, wherever it is. So with this update, now you can support IPv6 front ends and back-end pools when you're working with Gateway Load Balancers. OK, why is this important? Is this IPv6 in front of the Load Balancer or behind the Load Balancer or both? Both. So you set up your IPv6, your front end addresses, your public IP addresses, you set up everything's running IPv6 and IPv4 when you set up a dual stack configuration. So it'll have an IPv4 and an IPv6 front end.
And then it works with the IPv4 and IPv6 stuff you set on back of it. So, yeah, it's dual stack all the way through. OK. And so why is this important? Well, we all know that IP addresses ran out a while ago. If you talk to our buddy, Ed Horley, he's been talking about it for years and years and years. But we even did an episode with John Flores about IPv6. Absolutely. So it's one of those things that more customers are moving to utilizing IPv6. And many of them are doing it in this fashion. They're not just turning up IPv4 and going to IPv6. They're doing it in a dual stack scenario so that you have access to both of those. So this allows you to be able to utilize your gateway with your network virtual appliances in that IPv4 IPv6 dual stack scenario, which is pretty cool. And so we've got so we got plenty of we got check the show notes. We've got plenty of resources for you how to deploy a dual stack load balancer. If you're still trying to get up to date on creating a gateway load balancer, we've got a great tutorial for you on that. And what do you got for us, Pierre? Should we go? Let's go back and forth. That's always fun. Yeah. My first item is general availability. Rented mouth, general availability of sensitive that's a mouthful, sensitive data protection for application gateway web application firewall. That's quite an acronym. Yeah, I'm really hoping that we work on that name. But anyway, basically, it means that the regional web application firewall that we've been talking about for a long time and we've even had. No, we are planning a deep dive on WAF and now supports some protection for sensitive information because really Windows Web application firewall. When things happen, when it's saving, it's logged for debugging or for support or for something like that. It logs everything that needs to be logged. And in some cases, you can have IP addresses, username, potentially password, depending on how the application is set.
So all of that sensitive information is saved in the logs and the logs are clear text. And anyone that has operational access to the logs for operations can actually see that. So you see where the problem is, rather. Absolutely. So now you can actually create a scrubbing rule. That goes through all of your logs and replaces the sensitive data with a bunch of stars. So you'll have all your logs and they'll just be kind of X'd out of the sensitive information and the sensitive information, log scrubbing that is supports different variables, so header names, cookie names, argument names, post argument names, JSON names, IP address. So there's a big push on how you secure not only the access, but how the information is logged. Because if you can parse the log, then you have the information you need to potentially compromise the environment. Absolutely. Yeah, this is a great add-on because I know, you know, one of the things that we're seeing a lot. And this should make sense to everybody is, you know, internal IP addresses, those are that sensitive information in this day and age. And so a lot of this information that's included in there, you know, it's like back in the old days where people would dump your physical memory and pull up passwords from there and, you know, that sort of stuff. So yeah, we're not quite there in terms of vulnerability for with WAF, but if a customer is coming in from their own network, hitting the web application firewall, authenticating through that firewall and accessing the application, all of that information gets logged. So now we can scrub it from the log. Very cool. Very cool. That's a cool add-on. Yeah. How about you? What's your second item? So the second item is actually something we talked about back in January. So we have a for Azure Front Door and Azure CDN. We have a domain fronting update.
So if you remember back to our January episode, we talked about where domain fronting was added into Azure Front Door and Azure CDN. So as a refresher, domain fronting is a technique that involves using different domain names in the server name indication, the SNI field of the TLS header and the host field of the HTTP host header. It hides traffic to a specific website by masking it as a different domain. It's one of the many ways that attackers will obfuscate. Yes, I got it on the first time. Their activities as they're going. So it's one of those things that hackers and attackers will use in order to try to mask what they're doing and gain access to in their attacks. So what we had added back in September is that we added to the update. We put in domain front blocking restrictions for that. And this is one of those cases where this is a great example of how we take customers' feedback and see what customers are doing and how they need to use the products and make changes based on those. So what we're doing is we're making an update so that instead of blocking the request when the SNI and host headers don't match, we allow the mismatch as long as the two domains are added to the same subscription. OK, so what was happening is that because they had people that had multiple domains were running into some problems with all of these. So this is one of those. Hey, you know, like a lot of times what happens when stuff's done in security is like, OK, we're going to put the full shield up. Let's wait for the I use this the other day and somebody laughed. The scream test, do you remember the scream test, right? If you use it many times and you just wait for somebody to yell. And so we got our customers' feedback.
We're making those changes so it makes it still maintaining domain blocking, but allowing the customers to be able to manage it better and to utilize it, especially in scenarios where they have multiple domains with their data. So then starting the eighth, all existing domains will have this put into place. So previously, it was just for newly created. All domains will have this put into place. And then we've got some great documentation that talks you through, walks you through what this is all about, how it works, what gets triggered, all of those sorts of things. But some, you know, some really cool additional functionality. Again, give us your questions, send us your feedback. Let us know how the products are working for you. And we'll try the best to get that passed along. And who knows, maybe it'll help us build better products. Absolutely. This is how most of our development is done by customer feedback. Absolutely. So you've got one more for me. I have one more and it's dealing with the firewall, but not the web application firewall, but with the actual Azure Firewall. So there's new capabilities with Azure Firewall that new monitoring and logging capabilities with Azure Firewall. So right now, we as of now, because it's generally available as of end of September, we now support new structured logs and also new latency probe metrics. So what that means is that it provides more detailed views of some of the firewall events and also when it writes to the log, it hits multiple categories now. Network rule was added. What NAT rule was used, what threat intelligence log was used to deny, for example, what IDPS log, DNS proxy, internal FQDN resolving failure log, application rule aggregation logs, network rule aggregation logs and all of that stuff.
So these are all new structured tables that have been added to the logs in a way to give a lot more detail as to what's going on when somebody's coming across that is either allowed or denied access to your system through Azure Firewall. There are a couple of previews on that. So a top flow log, which is basically that shows the top connections that are contributing to the highest throughput into a firewall. So that's in preview, but it'll eventually make its way to the list of new rules and the flow trace. So a trace as to the full flow of information. So the SYN, SYN-ACK, FIN, FIN-ACK, RST, invalid flows, all that will eventually be GA, but currently is in preview in terms of logging capabilities. Well, awesome. Well, that's good stuff. Yeah, we had some really good stuff. And for all of you watching, all of the links will be in the show notes below or look at the address here on the blog posts that will summarize all of it. And of course, if you like this type of content, please like and subscribe and smash that bell so you get notified for new content. Absolutely. That being said, Michael, thanks for taking the time to basically run the show last month without me. Absolutely. Absolutely. I realize how much work it is that you put in for that. And I absolutely love doing it. I absolutely love getting together with you and wanted to just call it to everybody. Our next show is going to be coming up in November, which, as we know, Microsoft Ignite is just around the corner. So depending on when our next show lands, we may or may not have a lot of stuff for us. Or Pierre and I might decide to do some special things. As always, great to see you, Pierre. Thanks for listening, everybody, and see you in the next episode of Wired for Hybrid. Cheers. Cheers.