This is an interesting one that has come up a few times with some customers who want to use forced tunnelling through a VPN to Azure for remote workers and NAT out to the Internet using a Microsoft public IP address. This is usually required as an additional security measure for easier user whitelisting through … Continue reading Point-to-Site Internet breakout through Azure Virtual WAN
Getting started with Microsoft Sentinel
Welcome to my post for this year's Azure Spring Clean. Thanks as always to Joe Carlyle and Thomas Thornton for organising this event. There's a really interesting collection of contributions this year which I hope you will all enjoy. For my contribution, I've decided to put together a getting started guide for Microsoft Sentinel (formerly … Continue reading Getting started with Microsoft Sentinel
Routing hub & spoke virtual networks through a network virtual appliance
I was recently involved in deploying a Watchguard network virtual appliance (NVA) to Azure, something I had last performed several years ago but back then it was a very basic setup and everything, including the NVA itself was deployed to a single Azure virtual network. Nowadays, most deployments will call for a hub and spoke … Continue reading Routing hub & spoke virtual networks through a network virtual appliance
Does data going to M365 count as Internet egress bandwidth in Azure?
I do get asked from time to time from customers if they should account for usage of Microsoft 365 services in an Azure Virtual Desktop environment towards their Internet egress traffic estimations. Afterall, a new customer deployment may have hundreds or even thousands of users running M365 desktop apps in an Azure Virtual Desktop environment … Continue reading Does data going to M365 count as Internet egress bandwidth in Azure?
Why are you not using Azure Hybrid Use Benefit?
As many of you may know, I work for a CSP distributor so I deal with licensing A LOT. This is something most people hate and really don't understand very well which is where CSP providers can really add value and expertise. Azure Hybrid Use Benefit is something that has been around for years but … Continue reading Why are you not using Azure Hybrid Use Benefit?
Upgrading Azure Load Balancer from Basic to Standard SKU
You may be reading this if you have recently received an email from Microsoft prompting you to take action and upgrade your basic SKU Azure Load Balancers to the standard SKU. This is due to the retirement of the basic SKU of this service due on 30th September 2025. Yes, that's 3 years away at … Continue reading Upgrading Azure Load Balancer from Basic to Standard SKU
Azure Chaos Studio
I posted a video on Azure Chaos Studio as my contribution to Azure Back to School 2022. Thanks to Dwayne Natwick for organising the event. I hope you enjoy the video, let me know if you have any questions! https://youtu.be/hxzjhUdKicw
How to query a Private DNS Zone over Point-to-Site connection with Azure DNS Private Resolver
The issue With more and more services going cloud native it's becoming increasingly more common for organisations not to rely on DNS servers anymore. Just like how we are seeing new 'greenfield' organisations going fully cloud native and opting not to use domain controllers at all. We are also starting to see organisations not want … Continue reading How to query a Private DNS Zone over Point-to-Site connection with Azure DNS Private Resolver
Azure Backup – Recovery Services Vault versus Backup Vault
I've had a few people ask me recently about the difference between two resources that are both used for Azure Backup, namely Recovery Services Vault and the newer Backup Vault. Both of these are used by Azure Backup and both can be used to backup your virtual machine data as well as data from some … Continue reading Azure Backup – Recovery Services Vault versus Backup Vault
Azure customer management for MSPs
It's that time of the year again and I’m delighted to be taking part once more in Azure Spring Clean, a community event focused on Azure management best practises. Many thanks to Joe Carlyle and Thomas Thornton for organising the event again this year. Please check out the website from the link above for loads more excellent Azure articles, there's … Continue reading Azure customer management for MSPs
MSP: The well-tempered Azure tenant – Part 7
Welcome to the final part of my well-tempered Azure tenant series for MSPs. This time we will take a look at Microsoft Defender for Cloud. This service has undergone some recent name changes having been formerly known as Azure Security Center (Standard tier) and then simply Azure Defender before taking its current name. It is … Continue reading MSP: The well-tempered Azure tenant – Part 7
MSP: The well-tempered Azure tenant – Part 6
Welcome to part 6 of my well-tempered Azure tenant series for MSPs. This time we will take a look at Azure Arc. Very few environments are truly Cloud only or if they are then they are using a multitude of different Cloud providers. Azure Arc is a service that was launched at Microsoft Ignite 2019 … Continue reading MSP: The well-tempered Azure tenant – Part 6
MSP: The well-tempered Azure tenant – Part 5
Welcome to part 5 of my well-tempered Azure tenant series for MSPs. This time we will take a look at Azure Monitor. A powerful solution for collecting performance metrics and logs from your customer tenants. Using this telemetry we can provide proactive managed services through monitoring dashboards and alerts which is essential for any managed … Continue reading MSP: The well-tempered Azure tenant – Part 5
MSP: The well-tempered Azure tenant – Part 4
Welcome to part 4 of my well-tempered Azure tenant series for MSPs. We have already begun our journey of managing our customer's Azure tenants with Azure Backup. Let's switch focus now to governance and discuss how we can use Azure Policy to put in place some guardrails for our customers. This is not only good … Continue reading MSP: The well-tempered Azure tenant – Part 4
MSP: The well-tempered Azure tenant – Part 3
Welcome to part 3 of my well-tempered Azure tenant series for MSPs. At this point we have already covered how to onboard your customers for delegated management using Azure Lighthouse. Now it is time for us to start making use of that delegated access and to start managing our customers. This post will focus on … Continue reading MSP: The well-tempered Azure tenant – Part 3
MSP: The well-tempered Azure tenant – Part 2
Welcome to part 2 of my well-tempered Azure tenant series for MSPs. In part 1 I covered how to set up your partner management tenant. Now it is time to cover how to onboard your customers to Azure Lighthouse for delegated management. This is likely to be the longest post in this series as this … Continue reading MSP: The well-tempered Azure tenant – Part 2
How to save your old virtual machines to low cost archive storage
I had an interesting request this week with a customer who had some decommissioned Azure virtual machines but for compliance reasons needed to retain the data on the disks for 7 years. Even on Standard HDD storage a 1TB managed disk might cost around €35 per month which adds up to quite a lot over … Continue reading How to save your old virtual machines to low cost archive storage
MSP: The well-tempered Azure tenant – Part 1
This post will be the first in a series that I've been thinking about putting together for a while now. The series is designed to bring together a number of concepts that can be used to manage your Azure tenants in a well regulated, controlled and consistent manner. I am writing this series from the … Continue reading MSP: The well-tempered Azure tenant – Part 1
Don’t use user accounts for your Logic App connections
I have seen an increasing number of users switching from using automation accounts to using virtual machine automation task templates (logic apps) for virtual machine stop/start automation. This is not entirely surprising as this template is wizard driven and generally very straightforward to set up whereas configuring an automation account to trigger a script was … Continue reading Don’t use user accounts for your Logic App connections
Developing an automated Advent calendar static web app
Yes, it's that time of the year once again! This post accompanies my contribution to the Festive Tech Calendar 2021 which as always is an online community event running throughout the month of December. My thanks to Gregor Suttie and Richard Hooper for organising the event. I love taking part in this event and it just keeps getting better every year … Continue reading Developing an automated Advent calendar static web app
How to remove Azure Disk Encryption from disks that have already been decrypted
I had an interesting one this week that I thought was worth posting about just in case it might help some others in the same situation. Scenario: Customer has some Azure Windows virtual machines that are encrypted with Azure Disk Encryption and integrated with Azure Key Vault. They want to move these virtual machines to … Continue reading How to remove Azure Disk Encryption from disks that have already been decrypted
Azure Virtual Network Manager (Preview) – A First Look
One of the many Azure networking announcements at Microsoft Ignite recently was the release to public preview of Azure Virtual Network Manager (AVNM). AVNM promises to be a service to help apply connectivity and security configurations to groups of virtual networks across multiple Azure subscriptions. This post gives my initial thoughts on this service as … Continue reading Azure Virtual Network Manager (Preview) – A First Look
Custom RSS feed notifications with a logic app
This blog post covers another self-service task that I deployed for myself recently just to see if I could make life a bit easier. Microsoft have a dedicated page for new Azure announcements called Azure Updates. Most of us are very familiar with this but it is considered to be the one true source for … Continue reading Custom RSS feed notifications with a logic app
Auto delete expired Azure test resources
This blog post documents something that I've been meaning to implement for a while and have now finally got around to doing so. In my day job, I tend to create a lot of temporary Azure resources. This can be for a number of reasons like testing new features, trying out different solution architectures or … Continue reading Auto delete expired Azure test resources
What are On-demand capacity reservations?
In the past week we saw the release to public preview of on-demand capacity reservations for Azure virtual machines. This is not to be confused with reserved instances which are a way of committing to paying for compute services for 1 or 3 years and by doing so receiving a discount on the pay as … Continue reading What are On-demand capacity reservations?
Autoscaling Managed Disk Performance Tiers without downtime
In the past week, Microsoft have released a new feature into general availability that allows you to change the performance tier of managed disks without any downtime to the virtual machine. Whilst reading up on this new feature I was quickly reminded that there are already some disk-level bursting options available for just this scenario. … Continue reading Autoscaling Managed Disk Performance Tiers without downtime
A tour of the new look App Service networking features
There has been a recent Azure portal UI update to the networking features of the Azure App Service. This is accessed through the Networking option under the Settings section and as you can see below it presents the user with a nice overview of which networking services have been enabled as well as a centralised … Continue reading A tour of the new look App Service networking features
How to use Root Domains with Azure Front Door
Azure Front Door is a great global load balancing service for web applications. What I like about it is that you can easily integrate CDN and WAF features within the service if these are required now or in future. Even if you are hosting in a single region currently, you may decide that you want … Continue reading How to use Root Domains with Azure Front Door
It’s time to start using Generation 2 virtual machines in Azure
In this post, I wanted to highlight the key benefits of using Generation 2 virtual machines in Azure. These have been in general availability for a while now but from my own experience I don't see too many Gen2 virtual machine deployments in the wild yet. If you have a Hyper-V background like myself, then … Continue reading It’s time to start using Generation 2 virtual machines in Azure
Two exams, one month
I'm pleased to say that I've added a new new DevOps Engineer expert badge to the sidebar of my website. This is thanks in part to recently passing the AZ-400 Designing and Implementing Microsoft DevOps Solutions exam and as I had previously passed the AZ-103 (now AZ-104) Azure Administrator associate exam, this entitled me to … Continue reading Two exams, one month
HA for web apps with private link to database
It's fairly typical for customers to want to make a web application highly available be utilising multiple Azure regions. By placing a priority based load balancing service such as Traffic Manager or Azure Front Door you can easily route your traffic to a secondary (failover or DR) region in the event of a service outage. … Continue reading HA for web apps with private link to database
Live Monitoring Your VM Connections With Network Watcher
I’m delighted to be taking part once again in Azure Spring Clean, a community event focused on Azure management best practices. Many thanks to Joe Carlyle and Thomas Thornton for organising this event and allowing me to contribute. Please check out the website from the link above for loads more excellent Azure articles. This year my focus is going to … Continue reading Live Monitoring Your VM Connections With Network Watcher
Windows Virtual Desktop Christmas Crackers
Greetings all. This post accompanies my contribution to the Festive Calendar 2020 which is an online event running throughout December 2020. My thanks to Gregor Suttie and Richard Hooper for organising the event and it was a privilege for me to take part again this year. Below you will find my video contribution which focuses … Continue reading Windows Virtual Desktop Christmas Crackers
Changing virtual machine regions with Azure Resource Mover
This post is going to be about a new service currently in public preview at the time of writing called Azure Resource Mover. As it's in preview it is not currently production ready so I would not advise to use this on any production environments just yet. I did however give this a run through … Continue reading Changing virtual machine regions with Azure Resource Mover
Azure Back to School: Azure Lighthouse
Hi everyone. This blog post is part of a great Azure community event organised by Dwayne Natwick called Azure Back to School. Please check out https://azurebacktoschool.tech for some great posts from the Azure community this month. My contribution will be on Azure Lighthouse and with particular focus on how to use this if you are … Continue reading Azure Back to School: Azure Lighthouse
Azure CI/CD with ARM templates and GitHub Actions
Intro This will be my first post on DevOps which is something that I, like many others dismissed a few years ago as something "only for developers". I was first introduced to infrastructure as code (IaC) in the form of ARM templates maybe 3 or 4 years ago and very quickly realised that I could … Continue reading Azure CI/CD with ARM templates and GitHub Actions
Have you correctly licensed your migrated SQL Server VMs in Azure?
Are you migrating SQL Server virtual machines to Azure? If so, how are you handling the SQL licensing once migrated? If you are running SQL Server Standard or Enterprise edition then you need to have either an active software assurance agreement or a current CSP subscription for SQL Server in order to qualify for license … Continue reading Have you correctly licensed your migrated SQL Server VMs in Azure?
Outbound NAT for Azure Virtual Machines
There are times when you may require a fixed outbound public IP address for your Internet facing workloads. Usually this is required for whitelisting purposes so that external systems or customers can safely trust the source of the traffic they are accepting. This is a straightforward enough process for a single virtual machine by using … Continue reading Outbound NAT for Azure Virtual Machines
Azure accelerated networking put to the test
Accelerated networking is something I've previously suggested in my 7 ways to optimize your Azure VM performance post. In short, this removes the virtual switch from the host allowing the NIC to forward network traffic directly to the virtual machine. The result of this is lower latency over the Virtual Network but it's important to … Continue reading Azure accelerated networking put to the test
SQL Server Virtual Machine Disk Optimisation
I still see quite a number of SQL Server deployments on Azure Virtual Machines. Often this decision is driven by the application vendor and from my experience to date a PaaS alternative such as Azure SQL isn't a viable option purely because the vendor hasn't tested their application with this yet and therefore will not … Continue reading SQL Server Virtual Machine Disk Optimisation
First look at Active Directory authentication over SMB for Azure Files (Preview)
I've been waiting for this one for a long time so I was very keen to get stuck in with a deployment as soon as the public preview was announced late last week. Firstly, why is this important? Although many of us have now migrated file based sharing solutions over to the likes of Sharepoint … Continue reading First look at Active Directory authentication over SMB for Azure Files (Preview)
Azure Spring Clean – RBAC Best Practices
I'm delighted to be kicking off Azure Spring Clean, a community event focused on Azure management best practices throughout the month of February. Many thanks to Joe Carlyle and Thomas Thornton for organising this event and allowing me to contribute. My contribution is all about best practices for Azure Role Based Access Control. This is … Continue reading Azure Spring Clean – RBAC Best Practices
Azure vCPUs and Hyper-threading
First of all, what the heck is Hyper-threading? Well, in a nutshell Hyper-threading is a technology found on some Intel chips (AMD have their own equivalent technology) to improve multi-tasking by running tasks in parallel on the CPU. For most compute workloads multi-tasking is very common so Hyper-threading is usually very helpful and allows your … Continue reading Azure vCPUs and Hyper-threading
A lesson learned on outbound connections with Standard SKU Public IP Addresses
I had a curious issue this week that I could not explain for some time. I eventually got to the bottom of it with some assistance from Azure Support and thought I would share some details in case anyone else comes across the same issue. The problem: I had a couple of Virtual Machines in … Continue reading A lesson learned on outbound connections with Standard SKU Public IP Addresses
Azure Advent Calendar 2019 – Azure Web Apps
So rather than another blog post, this will be my first ever vlog post! I am proud to be one of 75 Azure community contributors to a series of training videos collectively known as Azure Advent Calendar. Throughout the month of December there will be three new videos posted each and every day right up … Continue reading Azure Advent Calendar 2019 – Azure Web Apps
Monitoring failed login attempts to your Azure Virtual Machines
I've been spending a lot more time recently working with Azure Monitor and Log Analytics. With Log Analytics you can not only monitor your Virtual Machine performance counter metrics but your Windows event logs as well. Something that I discovered is that although you can query the system and application Windows event logs you cannot … Continue reading Monitoring failed login attempts to your Azure Virtual Machines
7 ways to optimize your Azure VM performance
Microsoft are always adding more features and configuration options that can be used for your Virtual Machine deployments and I find quite often some of these go under the radar at the time and get overlooked either for subsequent deployments or as options for optimizing existing deployments. I decided to put together a few options … Continue reading 7 ways to optimize your Azure VM performance
Direct Upload to Azure Managed Disks
Microsoft recently announced a very useful preview feature that allows direct upload of VHD files to Azure as managed disks. This makes uploading images into Azure extremely straightforward. Potentially this can also be an option for migrating your VMs to Azure so long as you have a sufficient time window to allow for the on-premises … Continue reading Direct Upload to Azure Managed Disks
Ephemeral OS Disks – what are they and when to use them
Ephemeral disks are something that have been in preview for a while now but have only very recently became generally available. If you look up the word ephemeral in the dictionary you will see it is defined as "something lasting for a very short time". Essentially what this means is that the disk is non-persistent … Continue reading Ephemeral OS Disks – what are they and when to use them
Uploading blobs direct to Azure archive tier storage
The archive tier feature of the storage account v2 is something that is gaining more and more attention from customers. Why…because of the price and recently Microsoft announced a price reduction of up to 50% for some regions. In addition to this there have been some new features launched which at the time of writing … Continue reading Uploading blobs direct to Azure archive tier storage
Hybrid Cloud: Using Azure to secure and monitor on-premises systems
My first blog article isn’t going to be about a new feature but more something that I wanted to write about because I believe many customers who are using Azure are not aware of it. Many people think of Azure as its own self-contained world, and that it’s either running on Azure or it’s not. … Continue reading Hybrid Cloud: Using Azure to secure and monitor on-premises systems
What is this place?
Welcome to my new blog. If you have found your way here then you are likely interested in Microsoft Azure and hopefully once I get some articles up you will find something useful here. I have often relied on other people's blogs over the years that provide helpful explanations and “how to” guides over the … Continue reading What is this place?