How to restrict users from uploading files from Azure Virtual Desktop(AVD) to personal or public sites?

DevOps Guy

1/19/23, 11:49 PM

How to restrict users from uploading files from Azure Virtual Desktop(AVD) to personal or public sites like gmail, google drive, personal onedrive, personal office365 account, dropbox, box, github, gitlab, bitbucket, azure git, etc. such site. Basically we want to restrict users from uploading files to any websites via browser or cli. Only exception should be to the sites which we want to allow. How to achieve this? Please help. Note:- we don't have anything on-premise. our AVD is in Azure cloud only.

0 + 0

azure

azure-active-directory

windows-10

azure-networking

Score:1

Server

Doug

1/20/23, 8:46 AM

You would do this precisely as you would an on-premise workstation using proxy or firewall services to limit access to the Internet.

Network Security Groups provide basic firewall services which would allow you to block traffic. You need to research the traffic to create rules which is generally not friendly. This is suitable if you want to block all traffic and only allow a small number of selected sites, however it is not recommended for more general security needs.

Azure Firewall has some filtering capabilities built-in which may meet your needs.

Microsoft Cloud App Security, Microsoft 365 Data Loss Prevention can help secure your data as well.

Virtual firewall appliances from all the major networking companies are available in the Azure marketplace.

0 + 0

DevOps Guy

1/20/23, 5:13 PM

Thank you. We will look into the Microsoft tools/services you mentioned too. I was thinking about combination of some of these services " Intune, MS Cloud App Security, MS Endpoint Protection, WIP/DLP, Firewall, MS Defender ".

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to restrict users from uploading files from Azure Virtual Desktop(AVD) to personal or public sites?

TH: จะจำกัดผู้ใช้ไม่ให้อัปโหลดไฟล์จาก Azure Virtual Desktop (AVD) ไปยังไซต์ส่วนบุคคลหรือสาธารณะได้อย่างไร

RO: Cum să restricționați utilizatorii să încarce fișiere de pe Azure Virtual Desktop (AVD) pe site-uri personale sau publice?

RU: Как запретить пользователям загружать файлы из Виртуального рабочего стола Azure (AVD) на личные или общедоступные сайты?

VI: Làm cách nào để hạn chế người dùng tải tệp từ Azure Virtual Desktop (AVD) lên các trang web cá nhân hoặc công cộng?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.