Tag: networking

Azure CLIInfrastructure

Securing Azure Virtual Machines using Network Security Groups (NSGs)

Security, Security!

This is top of mind for everyone these days and Azure has many security features.  Today we are going to explore the world of Network Security Groups (NSGs) and their use on Virtual Machines and traffic into and out of Virtual Networks.

A network security group (NSG) is a networking filter (firewall) containing a list of security rules allowing or denying network traffic to resources connected to Azure VNets. These rules can manage both inbound and outbound traffic. NSGs can be associated to subnets and/or individual Network Interfaces attached to ARM VMs and Classic VMs. Each NSG has the following properties regardless of where it is associated:

  • Name for the NSG
  • Azure region where the NSG is located
  • resource group
  • Rules either Inbound or Outboard defining what traffic is allowed or denied

When a NSG is associated to a subnet, the rules apply to all resources connected to the subnet. Traffic can be further restricted by also associating a NSG to a VM or NIC. NSGs that are associated to subnets are said to be filtering “North/South” traffic (in other words, packets flowing in and out of a subnet). NSGs that are associated to Network Interfaces are said to be filtering “East/West” traffic (in other words, how the VMs within the subnet connect to each other). Read More


Azure Availability Zones

One of the largest gaps that Azure has had when compared to the competition has been the lack of high-availability options.  The most glaring has been the lack of Availability Zones, which have been available in all the main providers such as AWS, Google and even Oracle.

Basically, Availability Zones allow cloud admins to deploy cloud resources to separate datacenters within a region.  This ensures that applications will remain online even if one of the provider’s datacenters go down.

Microsoft has announced a public preview of their Availability Zones to help protect you from datacenter-level failures. These Availability Zones are located inside an Azure region, and each one has its own independent power source, network, and cooling. These zones are separate datacenters which are located “10’s of miles”, from each other.  Microsoft has super-fast network connections between the zones, and have stated that they maintain very strict rules on the network latency between these datacenters. Read More


70-745 Implementing a Software-Defined Datacenter Certification Exam

New exams are announced every so often as Microsoft continues to grow the array of Microsoft Azure and Cloud certifications to compliment the broad array of services they offer. These exams test and verify the skills necessary to work with, build with, and manage these various services. One of the latest exams being added is the new 70-745 Implementing a Software-Defined Datacenter certification exam. This exam will test and verify your skills in building a modern datacenter; one that uses software-defined networking using Windows Server 2016 and Virtual Machine Manager (VMM); rather than the traditional hardware-based networking model from the old days of on-premises datacenter.

NOTE: At the time of writing this exam summary of the 70-745 Implementing a Software-Defined Datacenter certification exam, the exam was just recently released as a Beta exam. There is limited information available on the exam at this time, but I will update this post with more information as it becomes available.

Certification Target Audience

The 70-745 Implementing a Software-Defined Datacenter certification exam is geared towards IT Professionals with experience building out, securing, and managing Software-Defined Networking (SDN) environments for hosting Virtual Machines and Storage solutions. The exam will test your familiarity and understanding of Software-Defined Networking using Windows Server 2016 and Virtual Machine Manager (VMM).

Skills Measured

Here’s a very high level list of the skills and objectives measures on the 70-745 Implementing a Software-Defined Datacenter certification exam:

  • Plan and implement System Center Virtual Machine (VMM) Core Infrastructure
  • Implement Software-Defined Networking (SDN)
  • Implement Software-Defined Storage
  • Implement DataCenter Compute Solutions with Virtual Machine Manager (VMM)
  • Secure your Software-Defined Datacenter
  • Monitor and Maintain the Software-Defined Datacenter

Training Materials

Being a newly announced exam (at the time of writing this) there is still a very limited amount of training / study material available for the 70-745 Implementing a Software-Defined Datacenter certification exam. You’ll want to focus mostly on the Microsoft documentation for Windows Server 2016 and Virtual Machine Manager (VMM) when studying at this time.

Fortunately, there is also a Exam Reference book announced from Microsoft Press to be coming soon. The Exam Ref 70-745 Implementing a Software-Defined Datacenter book will offer you the ability to hone in your studying to focus on the specific objectives and skills measured by this exam.

The Exam Ref 70-745 Implementing a Software-Defined Datacenter preparation book from Microsoft Press currently scheduled for release on July 25, 2017.

Happy studying!


Free Microsoft Tech Summit Events in 2017

The Microsoft Tech Summit provides Free, two-day technical training for IT professionals and developers with experts who build the cloud services across Microsoft Azure, Office 365, and Windows 10. These events are being hosted ALL over the world, and you don’t want to miss out on this amazing free training! It doesn’t matter if you already know your way around the Microsoft cloud, or are completely new and just getting started.  These events boast 70 technical training sessions and hands-on labs to help build up your cloud skills. Plus, you’ll have an opportunity to connect with Microsoft engineering experts, technology partners, and your industry peers who can all help you make the most out of the Microsoft cloud!

Find a city and Register for an event near you!

Which cities?

Here’s a list of the currently published Tech Summit events around the globe:

  • Amsterdam – March 23 – 24
  • Birmingham – March 27 – 28
  • Chicago – January 19 – 20
  • Copenhagen – March 30 – 31
  • Bangalore – March 16 – 17
  • Frankfurt – February 9 – 10
  • Johannesburg – February 6 – 7
  • Milan – March 20 – 21
  • Seoul – April 27 – 28
  • Singapore – March 13 – 14
  • Washington D.C. – March 6 – 7

The above cities and dates are just the Tech Summit events in 2017. There were already a number of  awesome events held in 2016 (last year) in Taipei, Prague, Toronto, Sao Paulo, Mexico City, and Tel Aviv!!

Daily Agenda

The daily agenda for the 2 day long Tech Summit events is packed full of Sessions and Networking opportunities! Here’s a breakout of the daily agenda both days.

Day 1 Conference Agenda

  • Breakfast – Registration and Continental Breakfast
  • Morning – Keynote & General Sessions
  • Lunch & Networking
  • Afternoon – IT Pro & Developer Breakouts
  • Reception – Ask the Experts Reception

Day 2 Conference Agenda

  • Breakfast – Continental Breakfast
  • Morning – General Sessions AND IT Pro & Developer Breakouts
  • Lunch & Networking
  • Afternoon – IT Pro & Developer Breakouts

Go Register Now!