Corda on Azure provides an automated way to deploy Corda nodes on Microsoft Azure with integrated networking and security. It simplifies node deployment through the Azure portal. Nodes can easily join existing Corda networks. Azure services like Key Vault integrate with Corda for certificate management. Virtual networks secure node communication, with options for VNET peering or site-to-site VPN. Continuous integration deploys updates. Monitoring integrates with Azure services for node insights.
Get an overview of HashiCorp's Vault concepts.
Learn how to start a Vault server.
Learn how to use the Vault's postgresql backend.
See an overview of the Vault's SSH backend integration.
This presentation was held on the DigitalOcean Meetup in Berlin. Find more details here: https://www.meetup.com/DigitalOceanBerlin/events/237123195/
Advanced Load Balancer/Traffic Manager and App Gateway for Microsoft AzureKemp
While Azure provides native load balancing capabilities, our KEMP Virtual LoadMaster (VLM) significantly improves on these via advance features like application delivery and load balancing in Layer 7 of the network stack. Other features that KEMP VLM delivers for Azure based and hybrid infrastructure deployments are:
- Client authentication and single sign-on (SSO) High Performance Layer 4 & Layer 7 Application Load Balancing
- Intelligent Global Site Traffic Distribution
- Application Health Checking
- IP and Layer 7 Persistence
- Content Switching
- SSL Acceleration and Offload
- Compression
- Caching
- Advanced App Gateway Services
- Provide better Load Balancing over the Internal Load Balancer
- Sophisticated Traffic Manager
https://kemptechnologies.com/solutions/microsoft-load-balancing/loadmaster-azure/
https://azure.microsoft.com/en-us/marketplace/partners/kemptech/vlm-azure/
Secure your applications with Azure AD and Key VaultDavide Benvegnù
Developers like the productivity of the Azure Platform, and now with Azure KeyVault and AAD we can easily secure secrets like DocumentDB, Media Services or Azure Batch keys in Azure KeyVault and apply granular policies to define who can access the secrets.
In this session we will see how to adopt a secure approach to manage application secrets by using Azure KeyVault, Azure Active Directory and Principals based on Certificates.
Get an overview of HashiCorp's Vault concepts.
Learn how to start a Vault server.
Learn how to use the Vault's postgresql backend.
See an overview of the Vault's SSH backend integration.
This presentation was held on the DigitalOcean Meetup in Berlin. Find more details here: https://www.meetup.com/DigitalOceanBerlin/events/237123195/
Advanced Load Balancer/Traffic Manager and App Gateway for Microsoft AzureKemp
While Azure provides native load balancing capabilities, our KEMP Virtual LoadMaster (VLM) significantly improves on these via advance features like application delivery and load balancing in Layer 7 of the network stack. Other features that KEMP VLM delivers for Azure based and hybrid infrastructure deployments are:
- Client authentication and single sign-on (SSO) High Performance Layer 4 & Layer 7 Application Load Balancing
- Intelligent Global Site Traffic Distribution
- Application Health Checking
- IP and Layer 7 Persistence
- Content Switching
- SSL Acceleration and Offload
- Compression
- Caching
- Advanced App Gateway Services
- Provide better Load Balancing over the Internal Load Balancer
- Sophisticated Traffic Manager
https://kemptechnologies.com/solutions/microsoft-load-balancing/loadmaster-azure/
https://azure.microsoft.com/en-us/marketplace/partners/kemptech/vlm-azure/
Secure your applications with Azure AD and Key VaultDavide Benvegnù
Developers like the productivity of the Azure Platform, and now with Azure KeyVault and AAD we can easily secure secrets like DocumentDB, Media Services or Azure Batch keys in Azure KeyVault and apply granular policies to define who can access the secrets.
In this session we will see how to adopt a secure approach to manage application secrets by using Azure KeyVault, Azure Active Directory and Principals based on Certificates.
Because the SAML Protocol is so foundational to the cloud identity software as a service Gluu provides, we wanted to lay out the basics of SAML for those interested.
The following can be thought of as a basic guide to getting you conversational with the SAML protocol.
A simple CRUD (no D for the blockchain) cases, you can understand how to use R3 Corda to build a simple "database", record the state by data flow and smart contract.
Interview Questions for Azure Security.pdfInfosec Train
Cloud computing is revolutionizing how businesses operate in today’s
digital landscape. According to a Gartner survey, Azure is the market’s
second most popular cloud service provider. As Microsoft Azure grows
in popularity, large enterprises around the world are becoming more
Azure-centric than ever.
What does Day 0 with Vault secrets management look like? What about Day 1? 2? N? This talk gives you a detailed look at typical Vault user progressions that provide the most successful deployments for customers
What is JWT?
When should you use JSON Web Tokens?
WHAT IS THE JSON WEB TOKEN STRUCTURE?
JWT Process
PROS AND CONS
JWT.IO
Using JSON Web Tokens as API Keys
Learn how FIDO standards compliment federation protocols. These guidelines detail how to integrate the two in order to add support for FIDO-based multi-factor authentication and replace or supplement traditional authentication methods in federation environments.
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Neeraj Kumar
In this session, we will learn to create a Point-to-Site VPN connection using VPN Gateway. We will see how the Virtual Network Gateways are created in Azure, and what are the scenarios where Point-to-Site VPNs are useful
This is the extension to the previous session, which was Part 02 of the Azure Virtual Network series.
1. Part 01 - https://www.youtube.com/watch?v=JPdo8...
2. Part 02 - https://www.youtube.com/watch?v=wQeg_...
Becoming a Microsoft Specialist in Microsoft Azure InfrastructureSyed Irtaza Ali
A quick study guide to the Microsoft Azure exam on how to manage infrastructure in Azure.
12/08/2014 - Version 3.0 uploaded with Azure Features and additional MCQs
11/10/2014 - Version 2.0 uploaded with 5 sample questions.
11/07/2014 - Version 1.0 uploaded
Because the SAML Protocol is so foundational to the cloud identity software as a service Gluu provides, we wanted to lay out the basics of SAML for those interested.
The following can be thought of as a basic guide to getting you conversational with the SAML protocol.
A simple CRUD (no D for the blockchain) cases, you can understand how to use R3 Corda to build a simple "database", record the state by data flow and smart contract.
Interview Questions for Azure Security.pdfInfosec Train
Cloud computing is revolutionizing how businesses operate in today’s
digital landscape. According to a Gartner survey, Azure is the market’s
second most popular cloud service provider. As Microsoft Azure grows
in popularity, large enterprises around the world are becoming more
Azure-centric than ever.
What does Day 0 with Vault secrets management look like? What about Day 1? 2? N? This talk gives you a detailed look at typical Vault user progressions that provide the most successful deployments for customers
What is JWT?
When should you use JSON Web Tokens?
WHAT IS THE JSON WEB TOKEN STRUCTURE?
JWT Process
PROS AND CONS
JWT.IO
Using JSON Web Tokens as API Keys
Learn how FIDO standards compliment federation protocols. These guidelines detail how to integrate the two in order to add support for FIDO-based multi-factor authentication and replace or supplement traditional authentication methods in federation environments.
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Neeraj Kumar
In this session, we will learn to create a Point-to-Site VPN connection using VPN Gateway. We will see how the Virtual Network Gateways are created in Azure, and what are the scenarios where Point-to-Site VPNs are useful
This is the extension to the previous session, which was Part 02 of the Azure Virtual Network series.
1. Part 01 - https://www.youtube.com/watch?v=JPdo8...
2. Part 02 - https://www.youtube.com/watch?v=wQeg_...
Becoming a Microsoft Specialist in Microsoft Azure InfrastructureSyed Irtaza Ali
A quick study guide to the Microsoft Azure exam on how to manage infrastructure in Azure.
12/08/2014 - Version 3.0 uploaded with Azure Features and additional MCQs
11/10/2014 - Version 2.0 uploaded with 5 sample questions.
11/07/2014 - Version 1.0 uploaded
Microsoft Azure Tutorial | Microsoft Cloud Computing | Microsoft Azure Traini...Edureka!
This Microsoft Azure Tutorial will get your basics right about Microsoft Azure. It starts from the basics, so shall be helpful to a beginner who doesn't know anything about Cloud Computing as well. Below are the topics covered in this tutorial:
1) What is Cloud?
2) What is Microsoft Azure?
3) Azure Job Trends
4) Different Domains in Azure
5) Azure Services
6) Azure Pricing Options
7) Demo on Azure
8) Azure Certifications
To take a structured training on Microsoft Azure, you can check complete details of our Microsoft Azure Certification Training course here: https://goo.gl/585NMJ
Adoption of Cloud Computing in Healthcare to Improves Patient Care CoordinationMindfire LLC
The cloud has revolutionized the way we live and work. It has brought about a new era of flexibility and convenience, allowing us to access information and collaborate with others from anywhere in the world.
According to a Gartner survey, global spending on cloud services is projected to reach over $482 billion this year (2022). The numbers are much higher than those recorded last year, i.e., $313 billion.
One of the biggest announcements at the Microsoft Ignite 2019 is Azure Arc – the hybrid and multi-cloud platform from Microsoft.
View this content to learn how Azure Arc allows enterprises to manage on-prem and cloud resources like Windows VMs, Linux Servers, Kubernetes clusters, and Azure data services by centrally organizing and governing from a single place.
Load Balancing and Data Management in Cloud Computingijtsrd
Cloud computing is an online storage media where we access, store and manage the data. It stores the data on remote servers rather than a local server and that data can be accessed through the internet. For example Google Drive is personal cloud storage from Google. When there are number of request in cloud computing, then load balancer is used to distribute request between the remote servers and efficiently handle those request. Load balancer distributes client request or network load efficiently across multiple servers. By using cloud infrastructure, we don't have to spend huge amount of money on purchasing and maintaining equipment. Cloud data management is a way to manage data across cloud platforms, either with or instead of on premises storage. Deepali Rai | Dinesh Kumar "Load Balancing and Data Management in Cloud Computing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31035.pdf Paper Url :https://www.ijtsrd.com/engineering/computer-engineering/31035/load-balancing-and-data-management-in-cloud-computing/deepali-rai
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEcscpconf
There are many challenges that the developers will come across while developing or migrating applications to cloud. This paper intends to discuss various points that the developers need to be aware of during the development or migration of the application to the cloud in terms of various parameters like security, manageability, optimal storage transactions, programmer productivity, debugging and profiling, etc. The paper provides insights into how to overcome these challenges when developing / migrating the on-premise application on to cloud and the difference in programming when targeting the on-premise data center and cloud. The primary focus area for cloud in this paper would be on Microsoft Windows Azure, Google App Engineand Amazon cloud.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
2. History of Corda on Azure
2016
Corda solution added to Azure
Marketplace
2017
Partnership announced between R3
and Microsoft
2018
Onboarded Insurwave consortium on
Azure
2019
Introduced Corda Logic Apps and Flow
to help with integration
4. Building from scratch is a huge undertaking
Choose
your ledger
Write smart
contract
Manage node
health
Build the
network
Manually
deploy ledger
Write
business logic
Assign node
identities
Connect
nodes
Provision
members
Network
governance
Extend to
additional
networks
Manage
permissions
Establish
node roles
Enforce
policies
Customize
integrations
5. Deployment and monitoring of Corda nodes
on Azure
High-level architecture
Describe in detail the automated deployment of Corda nodes along with the design needed to support networking and
security of such an enterprise solution.
We will not go into the details about the Corda Enterprise architecture/design, although we do provide links to the
Corda Enterprise documentation for reference wherever applicable.
Our goal:
• How to deploy Corda network on Microsoft Azure?
• How to integrate Corda with Azure Key Vault?
• How to secure Corda network communication?
6. Reference Implementation
Trade Finance – Business (classic)
A business scenario that involves peer-to-peer transactions in a non-trusted environment is a viable candidate for
Blockchain technology.
Trade Finance enables the exchange of goods. However, the classic process is prone to delays and frauds.
It’s largely manual and lacks transparency.
It is one of the key business scenario for realizing the benefits of Blockchain, which can help reduce the disputes and
errors and bring in transparency by providing a single source of truth.
https://en.wikipedia.org/wiki/Trade_finance
8. Biz Architecture with Blockchain
Trade Finance - Blockchain
Benefits of using Blockchain/DLT:
▪ Real-time review: Financial documents linked and accessible through Blockchain are reviewed and approved in real
time, reducing the time it takes to initiate shipment.
▪ Disintermediation: Banks facilitating trade finance through Blockchain do not require a trusted intermediary to assume
risk, eliminating the need for correspondent banks.
▪ Decentralized contract execution: As contract terms are met, status is updated on Blockchain in real time, reducing the
time and headcount required to start transactions as well as monitor the delivery of goods.
▪ Proof of ownership: Blockchain provides transparency into the location and ownership of the goods.
▪ Automated settlement and reduced transaction fees: contract terms executed via smart contract eliminate the need for
correspondent banks and additional transaction fees.
9. Tech Architecture - Cloud
Trade Finance – Cloud Infrastructure and Azure
Describe the cloud services needed to enable such a scenario on Microsoft Azure using Corda Enterprise.
The design follows the ‘Multiple Organizations, Private Consortium’ approach (refer here).
It is a true consortium setup where each organization/party has its own setup of Azure services (e.g. AD tenant etc.),
which is provisioned in its own Azure subscription/region.
The Corda node running in respective organization/party setup is enabled for peer-to-peer communication with other
Corda nodes within other organization/party setup.
A conceptual multi-member network architecture follows (refer here for more details).
12. Corda
Core Components
▪ A persistence layer for storing data
▪ A network interface for interacting with other nodes
▪ An RPC interface for interacting with the node’s owner
▪ A service hub for allowing the node’s flows to call upon the node’s other services
▪ A CorDapp interface and provider for extending the node by installing CorDapps
https://docs.corda.net/key-concepts-node.html
14. Azure
Which Operating System (OS) to use?
Corda can be deployed on both Windows and Linux. It can also be containerized with Docker (Refer
https://docs.corda.net/head/deploying-a-node.htm for more details)
When using Azure VM, as a best practice we should always use Azure Data Disks and at the Operating System level run
the Corda node from the logical data disk which can be configured to aggregate 2 or more disks.
On Windows we recommend the usage of Storage Spaces and on Linux we have the following guidance available to
achieve maximum performance - https://docs.microsoft.com/enus/azure/virtual-machines/linux/optimization
Corda has made available a docker image which allows to run inside a container and can be found in the following
repository - https://github.com/corda/corda-docker. Also, if we run the Corda node in a container, we should also use
volumes which are the preferred mechanism for persisting data generated by and used by Docker containers:
https://docs.docker.com/storage/volumes/
16. Azure
DevOps and CI/CD
We can use a continuous integration and continuous deployment (CI/CD) pipeline to automate the deployment tasks
and push changes to the Corda nodes automatically.
Visual Studio Team Services (VSTS) provides the CI/CD pipeline, starting with a Git repository for managing your
application source code and infrastructure code (ARM templates).
Note: Please refer to the resource below for more details on Continuous Integration and Delivery
using Visual Studio Team Services
https://www.visualstudio.com/team-services/continuous-integration/
The pipeline can use Azure ARM templates to provision or update the infrastructure as necessary in each subscription,
and then deploy the updated build following a workflow as described in the next diagram.
18. Azure
Keys Management Using Azure Key Vault - Understanding Corda Keys and Certificates
It’s critical to be familiar with Corda key/certificate management concepts before understanding the possibilities of
integrating with Azure Key Vault - https://docs.corda.net/permissioning.html
A Corda network has four types of Certificate Authorities (CAs):
▪ Root Network CA
▪ Doorman CA
▪ Node CAs
▪ Legal Identity Cas
Corda’s X509Utilities (which uses Bouncy Castle) can be used to create public/private keypairs and certificates. Included
below are the steps needed to build the Certificate hierarchy:
• Root Network CA – Generate keypair, create a self-signed certificate for the keypair
• Doorman CA – Generate keypair, obtain a certificate for the keypair signed with the root network CA key
• Node CA – For each node, generate keypair, obtain a certificate for the keypair signed with the doorman CA key
20. Azure
Keys Management Using Azure Key Vault - Azure
Key Vault (AKV) Integration
The diagram below describes, at a high-level, the
certificate creation process involving a given application
and AKV. The step by step description of the process is
available - https://docs.microsoft.com/en-gb/azure/key-
vault/create-certificate
21. Azure
Securing Corda Network Communication
A Corda network is an authenticated peer-to-peer network of nodes, where each node is a Java Virtual Machine run-
time environment hosting Corda services and executing applications. All communication between nodes is direct, with
TLS-encrypted messages sent over AMQP/1.0.
Each Corda network has a Network Map Service that publishes the IP addresses through which every node on the
network can be reached, along with the identity certificates of those nodes and the services they provide.
More information is available here: https://docs.corda.net/key-concepts-ecosystem.html
On Azure, a Corda network will constitute of corda nodes running within an Azure Virtual Network (VNET) deployed
across multiple Azure subscriptions owned by the respective consortium participants.
We have multiple options to interconnect them. These options take in account subscription limits and best practices for
each of the connectivity methods used to connect corda network nodes across the different VNETs.
22. Azure
Network - VNET peering
The first option to interconnect a Corda
network would be using VNET peering,
which would allow for higher number
of transactions along with enabling
better performance
https://docs.microsoft.com/en-
us/azure/azure-subscription-service-
limits
In blockchain, we’ll typically have each
member belonging to a different
company, each with its own subscription,
Identity management requirements and
restrictions. So peering works when all
subscriptions are associated with the
same Azure AD tenant.
23. Azure
Network - Site-to-Site VPN
In case each member of the consortium wants to have its own Azure AD tenant then the next solution is setting up
the network through either a VPN Gateway or a Network Virtualization Appliance (NVA) which would establish the
connections between both networks https://aka.ms/AzureSiteToSiteVPNCORDA
24. Azure
Network - Nginx with DDoS
Standard
The third solution is when customers have
a public IP address which is associated
with the Corda node and we need to
secure this endpoint with the means which
we have available for Layers 3, 4.
The Azure DDoS Standard Protection
service protects your application from a
comprehensive set of network layer (Layer
3, 4) attacks.
https://docs.microsoft.com/en-
us/azure/virtual-machines/linux/tutorial-
secure-web-server
27. Simple node deployment and configuration
Simple, quick deployment
Configure and deploy a Corda node (Corda Enterprise v4) with a
single Azure portal pane, or through REST APIs, x-Plat CLI and
Powershell
Easily join Corda network of choice
Add your Corda node to Testnet, UAT, Corda Network, or a private
business network
28. Simple node deployment and configuration
Simple, quick deployment
Configure and deploy a Corda node (Corda Enterprise v4) with a
single Azure portal pane, or through REST APIs, x-Plat CLI and
Powershell
Easily join Corda network of choice
Add your Corda node to Testnet, UAT, Corda Network, or a private
business network
29. Azure + Corda Enterprise = Built for business
Designed for enterprise readiness
Built to meet enterprise standards in terms of
performance, compliance, security, and
interoperability
Optimized for Azure customers
Integrated with key Azure services, such as AKV,
Azure SQL, and Azure Monitor
Open and extensible platform and ecosystem
Innovate and extend the shared partner ecosystem by
leveraging Corda Enterprise on Azure Blockchain
Service
30. Simple node deployment and configuration
Simple, quick deployment
Configure and deploy a Corda node (Corda Enterprise v4) with a
single Azure portal pane, or through REST APIs, x-Plat CLI and
Powershell
Easily join Corda network of choice
Add your Corda node to Testnet, UAT, Corda Network, or a private
business network
31. Node management
Manage access to node
Provide access to node via basic
authentication and manage password
Gracefully drain and restart nodes
Control node restart on your own terms,
gracefully allowing flows to drain
32. Node users management
Manage node user permissions
Easily add and manage node user
permissions based on installed CorDapps
33. CorDapp management
Manage installed CorDapps
Easily add and manage CorDapps to
your node with built-in graceful flow
draining
Deploy and broadcast CorDapps
Easily deploy as many CorDapps you
want to your node and share those
CorDapps with others in your network
34. Node health, monitoring and logging
Azure Monitor logging and alerting integration
Get node insights such as transaction count, CPU and memory
usage, as well as alerts for user-defined thresholds
View ledger and proxy logs in Log Analytics
Configure rich views for logging events emitted from Corda and
proxy, enabling insights into blockchain activity and network
connections
35. Roadmap
• Corda node provisioning
• Simple CorDapp management
• Single RPC user
• MVP portal UX
• Basic monitoring and logging
• Simple documentation
• Support channel
• Enhanced CorDapp management
• Enhanced RPC user management
• Full portal UX
• Enhanced monitoring/logging
• Documentation
• HA/DR
• Upgrade support
• Firewall/network privacy
functionality
• AKV signing
• Billing/business model
• Onboard Microsoft support
• Documentation
Milestone 1 – MVP
Private Preview
Milestone 2 – Full
Private Preview
Milestone 3 – Public
Preview
36. All on the best cloud for blockchain
Analysts place us ahead of the competition
Our open, app-focused approach has been
validated by Gartner, Forrester and many other
third-party analysts
We have designed a thoughtful product portfolio
We have spent 4 years developing the most open
and comprehensive blockchain portfolio to simplify
development of this new class of apps
Customers and partners trust us
Businesses have built thousands of blockchain apps
on Azure working with our rich ecosystem of
blockchain partners
37. Join customers and partners building blockchain apps
on Azure
PARTNERS CUSTOMERS