Azure Traffic Manager

Azure Traffic ManagerAzure Traffic Manager is a global DNS service hosted in Azure.  It extends the functionality of DNS beyond simple name to IP resolution, adding load balancing and advanced resolution features such as geo-fencing, weighted priority, performance, and source IP based name resolution.

Just as important to what it is, is what it is not.  It is not an IP based Global Load Balancer.  Traffic Manager does not handle IP session data, BGP or any other routing protocols.  It is only an External DNS solution, it won’t work as an internal DNS solution.  Continue reading “Azure Traffic Manager”

JSON and ARM Templates

ARM Templates are written with JSON and are at the core of Azure Resource Manager deployments.  I have used and developed templates for months.  Although successful, I ran into issues with formatting and syntax this week and decided to take a step back and get a better understanding of the underlying JSON used in these templates.  In this post, I start from the beginning, exploring JSON as it relates to ARM templates. Continue reading “JSON and ARM Templates”

Management Groups, Policies and Blueprints, Oh My!

My head is still swimming from all the information at Microsoft Ignite this year.  In this post I’m going over three reoccurring topics that makes managing and compliance of an Azure environment easier.  These are Management Groups, Policies and Blueprints.

 

Continue reading “Management Groups, Policies and Blueprints, Oh My!”

Azure Disk Encryption, V2

Disk EncryptionThe only constant is change.  I noticed some new information came out this month while working on a project that requires encrypting disks.  This information significantly changes how Azure Disk Encryption can be applied to Windows and Linux VM’s.  This is an update to my previous article on Azure Disk Encryption with the intention of outlining the new, easier method of encrypting Azure disks. Continue reading “Azure Disk Encryption, V2”

Azure AD Application Proxy and IIS

I had the pleasure of spending a significant amount of time elbows deep in a Remote Desktop Services deployment this week.  As part of the effort, I published the RDS RDWeb IIS page with the Azure AD Application Proxy so MFA can be leveraged for remote desktop services.

Continue reading “Azure AD Application Proxy and IIS”

Recover Encrypted Windows Azure VM

Disk EncryptionThe number one rule in disaster recovery is to keep a copy of your resume off site.  Number two is test backups and recovery.  An unrecoverable backup is useless and a disaster is no time to find out something went wrong.  This is a second part of a previous post on encrypting Windows hard drive in Azure.  The first part is available here.  In this post I will go over how to backup and recover encrypted Windows Azure VM using Recovery Services Vault. Continue reading “Recover Encrypted Windows Azure VM”

Azure Connectivity Check in Preview

Microsoft announced a new Azure Connectivity Check as part of the Network Watcher service.  Below is the announcement from Microsoft:
https://azure.microsoft.com/en-us/blog/azure-network-watcher-introduces-connectivity-check-preview/

A couple things to note before you use it:

First, you have to enable your subscription for Network Watcher.  Do this by going into Network Watcher  and selecting your subscription in the Overview blade.  Go to the three dots on the right and enable your subscription.

Enable Connectivity Checker Continue reading “Azure Connectivity Check in Preview”