The complete walkthrough of Azure networking services
23 – 04 – 2019: A new section has been added on Network security which includes Introduction to network security controls, implementation of Azure firewall in hub and spoke model, implementation of network security service tags and application security groups, configuration of service end points and policies, introduction to remote access management options and implementation of Windows Admin centre to remote desktop into Azure VM. Captions will be added by end of May 2019 for new lectures.
Microsoft Azure is the fastest growing cloud platform in the world. One of the key building blocks of Microsoft Azure is its network services. This course is designed to help you to build strong foundation & provide hands on experience in Microsoft Azure network services.
This course covers azure network skills required for 70-532, 70-533 & 70-535 Microsoft certification exams
This course has been designed with an architectural approach. Firstly I will give you an overview of Azure network services architecture and after this introduction, I will take you through following azure services
Virtual network & subnets – Create virtual networks & subnets and understand the design patterns
Network security group – Create network security group(NSG), create inbound & outbound rules, apply them at subnet levels, deploy the virtual machines in subnets and test NSG rules
User defined routes and VNet peeing – Create a user defined route to route the traffic through virtual appliance and peer VNets in same region
IP Addresses – Public & private IP addresses, Static & dynamic allocation
Load balancer – Configuration of frontend IP configuration, backend pool creation, health probes creation, configure load balancing rules, configure NAT rules, automatic reconfiguration & monitoring of the load balancer
Application gateway – Creation of application gateway, HTTP traffic load balancing, URL path based routing, multi site hosting, enable web application firewall and test the same, monitoring of application gateway
Traffic manager – Creation of traffic manager profile, add end points, load balance traffic based on performance, priority, weight and geographic routing methods.
Connectivity scenarios – Configure point to site VPN connection, VPN – VPN connection, Site to site VPN connection, Azure apps connection with VMs on Azure and finally connect Azure virtual network with Amazon web services virtual private cloud
Delivering hybrid solutions/applications connectivity – Introduction to App service plan and App service environment; Hybrid applications/solutions connectivity options; Lab demo on P2S VPN connectivity with Azure app service;App service environment connectivity; Introduction to hybrid connections; Lab demo on Hybrid connections and Hybrid connections manager.
Network security – Introduction to network security controls, implementation of Azure firewall in hub and spoke model, implementation of network security & application security groups, configuration of service end points and policies, introduction to remote access management options and implementation of Windows Admin centre to remote desktop into Azure VM.
This course contains both theory lectures and a significant number of labs that helps you in gaining hands-on experience in key Azure network related services.
Microsoft Azure is a constantly evolving platform and I will be keep close watch on Azure announcements and add new labs wherever possible.
So, start taking this course and put yourself in high demand in the world of IT and command higher salary!!!
This lecture provides you introduction to scope of the course
Azure Virtual networks & Subnets
In this lecture, I explained about different building blocks of Azure network services and how all fit together to deliver a networking solution
In this lecture, I explained what is Azure virtual network and also explain about the key capabilities of the same
In this lab I have shown how to create a virtual network using azure portal, take you through some of the key configuration setting and finally create subnets within the VNet
Network Security Groups
In this lecture, i explained about Network Security Group (NSG), about Inbound rules, Outbound rules, rule prioritisation and default rules
In this lab, I have shown how to create a NSG and create inbound/outbound rules and finally apply the same at subnet level
In this lab, i have shown how to create two web servers and deploy them into Webservers subnet. install IIS on each of this server and text whether network security group rules we have defined in the earlier is working properly or not
Network interfaces, Route tables, IP Addresses & Network peering
In this lecture, I will introduce you to the concepts of network interfaces, route tables and VNet peering
In this lab, I have shown how to create a user defined route to route the traffic destined to a subnet via LAN routing appliance
In this lab, I have shown how to peer two virtual networks in the same region using Azure portal
In this lecture, I explained about public and private IP addresses and what azure resources can have the same. I will also explain about static and dynamic IP configuration
In this lecture, I have shown how to disable public IP address, where you can change IP address mode (dynamic & static) and configure a domain name for your public IP address
VNets, Subnets and NSG design patterns
In this lecture, I have explained about different scenarios of VNets & Subnets design patterns and Subnets and NSGs design patterns
Introduction to high availability related Azure services
In this lecture, I provided a brief introduction to Load balancer, Application gateway and Traffic manager
Azure load balancer
In this lecture, I explained about different components and features of the load balancer, types of health probes and Azure availability sets.
In this lab, I will show you how to create an availability set and deploy two web servers in the same. I will install IIS on the web servers and disassociate the public IP addresses. Basically I am preparing the ground work for the next lab.
In this lab, I have shown how to create and configure the load balancer to distribute the traffic evenly to two web servers we have created in the earlier lab.
In this lecture, I have shown how to configure NAT rule to RDP into one of web servers in the backend pool of load balancer using load balancer frontend IP configuration
In this lecture, I have shown how to add an additional web server into load balancer backend pool and how load balancer automatically route traffic to additional server with out any additional configuration
In this lab, I have shown how to enable monitoring on Azure load balancer, types of logs it will produce and also how content looks like in one of the logs
Azure Application gateway
In this lecture, I explained about different components of Application gateway and it's capabilities
In this lab, I have created an application gateway subnet, a dedicated NSG for this subnet and created two application servers and deployed the same into App servers subnet. Finally, I installed IIS on both of them. This labs is mainly prepares the ground work for the next lab
In this lab, I have shown how to create and configure application gateway to distribute traffic evenly to the application servers that we created in the earlier lab.
In this lab, i have shown how to configure different components of application gateway to route the traffic to specific application server based on the URL path and test the configuration
In this lecture, i have shown how to configure application gateway to host multiple sites (in this case i have taken two sub domains) and test the configuration
In this lecture, i have show you how to enable web application firewall (WAF) on the Application gateway, simulate an XSS attack and shown you how WAF protect the backend pool of servers from such attack.
In this lecture, i have shown how to monitor activity logs, metrics and different logs produced by Application gateway using azure portal. I have also shown how to enable an activity log alert to send an email when application gateway is deleted.
In this lecture, I have explained about how traffic manager works, different routing methods you can use, and end points to which you can route the traffic to.
In this lecture, i have shown how to configure Traffic manager to route traffic between two web app using performance based routing method
In this lab, i have shown how to configure priority & weight routing methods on traffic manager
In this lecture, i have show how to configure traffic manager profile with geographic based routing method and nested end points
In this lecture, I have provided a very quick comparison of Load balancer, Application gateway and Traffic manager.
VPN Gateway and connectivity scenarios
In this lecture, I explained about different network connectivity scenarios, VPN gateways cross premise connectivity scenarios.
In this lab, I have shown to how to establish point to site VPN connection between your computer and Azure virtual network.
In this lab, I have shown how to connect two Azure virtual network in different regions using VPN to VPN connection
In this lab, I have shown how to establish connectivity to applications in Azure virtual machines from Azure Web apps, API apps and mobile apps
In this lab, I have shown how to connect AWS and Azure cloud networks using site to site VPN connection
In this lecture, I have explained about express route, connectivity models and routing domains.
In this lecture, i will take you through steps of ordering express route circuit, creation of Azure private peering and VNet integration.
Delivering Hybrid Solution/Applications Connectivity
By the end of this lecture, you will understand about Azure App service plan, pricing tiers and web apps
By the end of this lecture, you will understand about app service environment (ASE), when it should be used, components of app service environments and deployment models of ASE
By the end of this lecture, you will know the different places where solution components are located in hybrid solutions and different options available to establish network connectivity between those locations.
By the end of this lab, you will be able to establish P2S VPN between app service and Virtual network and also test the connection
By the end of this lecture, you will gain understanding of internal and external ASE and different network considerations that needs to be taken into account with respect to ASE.
By the end of this lecture, you will gain understanding of hybrid connections, how they work and benefits & limitations of hybrid connections.
By the end of this lab, you will be able to establish hybrid connection between app service and a http end point located in a virtual network. You will also able to download and install hybrid connection manager.
By the end of this lecture, you will gain understating of all the key network security controls that you can apply to secure your network in Azure
By the end of this lecture, you will gain understating of DDoS protection, different tiers of DDoS protection, Azure firewall and its key features.
By the end of this lab, you will be able to one hub VNets and two spoke VNets, deploy Azure firewall into central VNets, two VM's into spoke VNets, peer spoke VNets with hub VNet and configure UDR to route all internet bound traffic originating from spoke VNets to Azure Firewall.
By the end of this lab, you will be able to configure an application rule in Azure Firewall to allow users access office.com from VMs in spoke VNets and deny any other traffic to internet. Also, configure a DNAT rule in Azure Firewall to allow users to RDP into VMs in spoke VNets using Azure Firewall public IP address.
By the end of this lecture, you will gain full understanding of network security groups, service tags, application security groups.
By the end of this lab, you will be able to create NSG, ASG and apply them at subnet level.
By the end of this lecture, you will gain understanding of different connectivity options to connect workload in VNet with Azure services, service endpoints and service endpoint policies.
By the end of this lab, you will be able to create service endpoints, service endpoint policies and resource firewall
By the end of this lab, you will gain understating of different remote access management options and steps to take to harden workstations.
By the end of this lab, you will be able to install windows admin centre on Azure VM and use that as a jump box to access other VMs in the virtual network.
By the end of this lecture, you will understanding of different courses in my course catalog. Resource section of this lecture contain coupon codes using which you can get the courses at 90% discount.