My first exposure to cloud technology was through Amazon Web Services (AWS), where I obtained the basic knowledge and hands on experience to navigate the AWS platform. Throughout this initial learning process, I loved the idea and accessibility the cloud environment offered, in addition to its cost advantages. As a network engineer, I was also interested in using the cloud for networking through services such as Virtual Networks, Load Balancers, and Virtual WAN.
After joining Cloudforce I was introduced to Azure, Microsoft’s cloud services platform. Even though AWS and Microsoft Azure are similar in some ways, their learning styles are very different. I was given the task of taking the Microsoft AZ-104 Azure Administrator Associate certification and even though this was a new area of study for me I was up for the challenge. The exam consists of a number of different topics and is scored according to the following breakdown:
Each topic offered a new learning opportunity but “configure and manage virtual networking” was the one I was most interested in as a network engineer. This topic covered several different subtopics which were very helpful in understanding the connectivity, security and access control needed to connect your on-premises network to the Azure network. Each subtopic had a review of the different aspects needed to correctly configure and manage virtual networks and why they are important in the cloud environment.
Since most companies are moving to the cloud, the integration between their network and the Azure network is one of the most important parts of planning a migration. There are three important connectivity methods the AZ-104 exam focuses on:
Creating and configuring an Azure VPN gateway provides cross-premises connectivity between the customer’s premises and Azure, and it can even be created using Azure CLI or Azure PowerShell. Usually, each virtual network can only have one VPN gateway, but you can create multiple connections to the same VPN gateway. There are several different ways to connect and configure a VPN gateway, and you will need to determine which configuration best suits your needs – whether it’s Point-to-Site, Site-to-Site or VNET-to-VNET VPN connections. After creating the VPN gateway, you will also need to determine the IPsec/IKE policy that will be used to allow the Azure VPN gateway to connect to your on-premises gateway. Another major factor in creating a gateway is determining the gateway SKU that best meets your needs based on types of workloads, throughputs, and features.
Another important option to consider when connecting an on-premises network and Azure is ExpressRoute, which creates a private connection to Azure datacenters so that traffic is not routed over the internet – this offers more reliability, speed, lower latency, and better security. There are a few different types of ExpressRoute: ExpressRoute Local, ExpressRoute FastPath, ExpressRoute Direct, and ExpressRoute Global. Choosing the right type depends on the specific needs of the customer and should take into consideration bandwidth requirements, regional availability, and redundancy.
Azure Virtual WAN offers advanced connectivity options and can be integrated with Azure ExpressRoute. Some of the major benefits of Virtual WAN are the advanced routing capabilities and the ability to both create custom route tables and to improve virtual network routing with route association and propagation. It also provides the ability to encrypt ExpressRoute traffic between on-premises networks and Azure virtual networks. One of the advantages of Virtual WAN is the hub-and-spoke topology which allows you to connect your branch offices, VNets, and remote users using the Azure backbone.
There are other factors to consider when connecting your on-premises network to the Azure network but these three play a major role in creating a secure, reliable, and fast connection. Azure cloud services offer customers a more robust and affordable way to manage and maintain their network infrastructure. The Azure-104 certification is a great way to gain the knowledge and skills needed to start a career as a cloud engineer and can also be beneficial for network engineers looking to understand how cloud services and networking work together to create a better experience for customers.
Adrian first started as a desktop support technician but has gained knowledge and certifications (including his Cisco Certified Network Associate (CCNA)) that have led him to the role of network engineer. His passion for IT continues to grow as he learns new things every day, and his goal one day is to be a CCIE engineer. Adrian joined Cloudforce as a Network Engineer where he will not only use the knowledge and skills he has now but will also obtain new ones that will help him advance in his career.
As a self-proclaimed futurist, I’d much rather focus my attention on what’s to come versus dwelling on the past. Not surprisingly, all roads start (and end) with artificial intelligence (AI), and...
The true measure of technology’s excellence lies in its accessibility, empowering even the less tech-savvy. And Microsoft nailed it. Welcome to the era of enhanced productivity with Microsoft's...
The Foundation of Inclusive AI: Understanding the Significance of Inclusive Data Sets In grounding a discussion on the intersection of AI inclusion and innovation at Microsoft’s Ignite...
