Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kurt Jung – Sr. Research Analyst KEMP Technologies

Published byAmanda Stanley Modified over 7 years ago

Similar presentations

Presentation on theme: "Kurt Jung – Sr. Research Analyst KEMP Technologies"— Presentation transcript:

1 Kurt Jung – Sr. Research Analyst KEMP Technologies
Azure Networking Kurt Jung – Sr. Research Analyst KEMP Technologies

2 Thanks to our Organizers!
Ben Serebin Exchange Junkie Tome Tanasovski PowerShell MVP Blog: Blog: Ken Reid David Sebban Windows IT Pro MVP Website: Blog: Eric Fellen Website:

3 User Group Communities
NYC PowerShell User Group Meetings: Second Monday of the month, 6:00PM, Microsoft NYC Office Web: New York Exchange User Group (NYExUG) Meetings: Second Tuesday of the month, 5:45PM to 9PM, Microsoft NYC Office Web: Devices and Datacenter User Group New York (DDUGNY) Meetings: First Thursday of the month, 6:00PM, Microsoft NYC Office Web:

4 Event Sponsors

5 Event User Groups

6 Azure Networking Virtual Networks

7 The Big (Network) Picture
Azure virtual network Users Internet Front-end access Dynamic/reserved public IP addresses Direct VM access, ACLs for security Load balancing DNS services: hosting, traffic management DDoS protection Virtual network Bring your own network” Segment with subnets and network security groups Control traffic flow with user defined routes Backend connectivity Point-to-site for dev/test VPN Gateways for secure site-to-site connectivity ExpressRoute for private enterprise grade connectivity Backend connectivity ExpressRoute VPN Gateways

8 Virtual Network Azure 10.0/16
On Premises 10.0/16 Internet Logical isolation with control over the network Create subnets and isolate traffic with network security groups Support for Static IP addresses Support for Internal Load Balancing DNS options – BYO or Microsoft Azure-provided Extend your trust boundary – VMs and Cloud Services on the same Network VPN & ExpressRoute Direct Internet Connectivity Azure VPN GW Backend 10.3/24 Mid-tier 10.2/24 Frontend 10.1/24 AD / DNS Virtual Network

9 Network Security Groups (NSG)
Enables network segmentation & DMZ scenarios Traffic Rules (up to 200 per NSG default) Filter incoming/outgoing traffic with allow/deny Individual addresses, address prefixes, wildcards Association Associate with virtual machines or subnets Rules can be updated independent of VMs Configure PowerShell, ARM or Portal On Premises 10.0/16 Internet Internet S2S VPNs VPN GW Backend 10.3/16 Mid-tier 10.2/16 Frontend 10.1/16 Virtual Network

10 Azure Multi-VIPs Load Balancer

11 Azure Multi-NIC

12 Azure Multi-IP Private IP Addresses per network interface = 50

13 Azure Networking Connectivity

14 Connectivity Options to Azure
Cloud Customer Segment and workloads Internet Connectivity Consumers Access over public IP DNS resolution Connect from anywhere Secure point-to-site connectivity Developers POC Efforts Small scale deployments Connect from anywhere Secure site-to-site VPN connectivity SMB, Enterprises Connect to Azure compute ExpressRoute private connectivity SMB & Enterprises Connect to Microsoft services Mission critical workloads

15 Site to Site VPN Route-Based VPN Policy-Based VPN
Traffic Selector: Any-to-Any /0  /0 Routing tables to direct traffic into different tunnels Multiple sites Routing features BGP & Transit dynamically update routes Forced Tunneling re-direct all Internet-bound traffic to on-premises Policy-Based VPN Traffic Selector: Prefix-to-Prefix /16  / /16  /16 “Firewall”-based VPN Single site only Does not support routing features

16 Express Route Ultra-Performance gateway Higher availability SLA
10Gbps to a virtual network Higher availability SLA Improved SLA from 99.9% to 99.95% More insights Self-help and troubleshooting tools on Azure portal: ARP table, routing table, traffic statistics Improved monitoring and diagnostics Deprecation of basic gateway SKU Existing basic gateways still supported with 99.9% availability SLA No new basic gateways Gateway SKU Throughput (Gbps) Standard 1 HighPerformance 2 UltraPerformance 9

17 Connectivity Options within Azure
Cloud Cloud Segment and workloads VNet Peering within region In-region VNet-to-VNet connectivity Direct VM-to-VM connectivity Peer VNets for routing and transit VNet-to-VNet via gateway Same region or cross regions Connectivity via Azure VPN gateways

18 VNet Peering Generally Available
Full-mesh direct connectivity High bandwidth Low latency Classic to ARM Peering Cross subscription Hub and Spoke configuration

19 Hub-and-Spoke with VNet Peering
10.0/16 On-Premises ARM VNet10.1/16 ARM VNet10.2/16 VPN Peering Gateway transit via Peering Supports NVA and Gateway Transit (ARM-to-ARM only) Sharing the Gateway in the Hub for all the Spoke VNets via Peering

20 DMZ Hub VNet with Peering
From DMZ per VNet to DMZ per region! Hub/DMZ and spoke with VNet Peering VNet 1 Internet Connectivity DMZ VNet Internet Firewall IDS/IPS WAF DMZ VNet 2 VNet Peering VNet 3 Backend VNets Cross-Premises Connectivity Azure VPN On Premises Sites

21 Demo VNET Peering

22 VNET Peering Demo

23 VNET Peering Demo

24 Network Troubleshooting
Azure Networking Network Troubleshooting

25 Azure Network Watcher View Topology IP Flow Verify Next Hop
Network Security Group view Packet Capture Subscription Limits Network Security Group Flow Logs Diagnostic Logs

26 Azure Network Watcher Generally available
West US North Central US West Central US Free during four month promotional period Ends August 2017

27 Demo Azure Network Watcher

28 Network Watcher Demo

29

30 Other information All slide decks will be posted on Grand Prize Raffle at 5:15pm Join us for Cash Bar & Free Guys 5:45pm

Download ppt "Kurt Jung – Sr. Research Analyst KEMP Technologies"

Similar presentations

Module 1: Demystifying Software Defined Networking Module 2: Realizing SDN - Microsoft’s Software Defined Networking Solutions with Windows Server 2012.

Module 1: Demystifying Software Defined Networking Module 2: Realizing SDN - Microsoft’s Software Defined Networking Solutions with Windows Server 2012.
Hybrid Hyper-scale Enterpris e Grade Azure compute regions.

Hybrid Hyper-scale Enterpris e Grade Azure compute regions.
Customer needs EnterpriseGrade HyperScale Hybrid.

Customer needs EnterpriseGrade HyperScale Hybrid.
Designing Networking and Hybrid Connectivity in Azure

Designing Networking and Hybrid Connectivity in Azure
Hybrid Hyper-scale Enterpris e Grade Azure compute regions.

Hybrid Hyper-scale Enterpris e Grade Azure compute regions.
Microsoft Azure Virtual Networks. Networking Compute Storage Virtual Machine Operating System Applications Data & Access Runtime Provision.

Microsoft Azure Virtual Networks. Networking Compute Storage Virtual Machine Operating System Applications Data & Access Runtime Provision.
LB VIP:Input Endpoint Internal Endpoint foo.cloudapp.net  VIP.

LB VIP:Input Endpoint Internal Endpoint foo.cloudapp.net  VIP.
CustomerSegment and workloads Your Datacenter Active Directory SharePoint SQL Server.

CustomerSegment and workloads Your Datacenter Active Directory SharePoint SQL Server.
Partner Practice Enablement - Overview This session is focused on networking with Microsoft Azure Infrastructure Services. Learn how to enable, secure.

Partner Practice Enablement - Overview This session is focused on networking with Microsoft Azure Infrastructure Services. Learn how to enable, secure.
Windows Azure Conference 2014 Lessons Learned From Large Scale Migrations to Windows Azure IaaS.

Windows Azure Conference 2014 Lessons Learned From Large Scale Migrations to Windows Azure IaaS.
Customer needs EnterpriseGrade HyperScale Hybrid.

Customer needs EnterpriseGrade HyperScale Hybrid.
MDC417 Follow me on Working as Practice Manager for Insight, he is a subject matter expert in cloud, virtualization and management.

MDC417 Follow me on Working as Practice Manager for Insight, he is a subject matter expert in cloud, virtualization and management.
On-premises Your datacenter Hybrid Datacenter scenarios Capacity Demand Remote Site Layered Solutions Strategic migration Disaster Recovery.

On-premises Your datacenter Hybrid Datacenter scenarios Capacity Demand Remote Site Layered Solutions Strategic migration Disaster Recovery.
Global scale with Microsoft Azure Scenarios Achieving high availability with Microsoft Azure Demos.

Global scale with Microsoft Azure Scenarios Achieving high availability with Microsoft Azure Demos.
Create a dynamic datacenter with software-defined networking

Create a dynamic datacenter with software-defined networking
Basil Apostolou & Craig Pringle The why and how of hybrid cloud CLD22 3.

Basil Apostolou & Craig Pringle The why and how of hybrid cloud CLD22 3.
Marin Franković MVP: SCCDM Algebra visoko učilište What’s new in Azure for IT Pro.

Marin Franković MVP: SCCDM Algebra visoko učilište What’s new in Azure for IT Pro.
Implement Storage Implement Blobs and Azure Files Manage Access Configure Diagnostics, Monitoring & Analytics Implement SQL Databases Implement Recovery.

Implement Storage Implement Blobs and Azure Files Manage Access Configure Diagnostics, Monitoring & Analytics Implement SQL Databases Implement Recovery.
Cybersecurity concerns persist Global attacks are increasing and costs are rising 4 Cybercrime extracts between 15% and 20% of the value created by.

Cybersecurity concerns persist Global attacks are increasing and costs are rising 4 Cybercrime extracts between 15% and 20% of the value created by.
Mastering Azure Connectivity to the Microsoft Cloud

Mastering Azure Connectivity to the Microsoft Cloud

Similar presentations

Ads by Google