+353-1-416-8900REST OF WORLD
+44-20-3973-8888REST OF WORLD
1-917-300-0470EAST COAST U.S
1-800-526-8630U.S. (TOLL FREE)

Microsoft Azure Infrastructure Services for Architects. Designing Cloud Solutions. Edition No. 1

  • Book

  • 448 Pages
  • December 2019
  • John Wiley and Sons Ltd
  • ID: 5836849

An expert guide for IT administrators needing to create and manage a public cloud and virtual network using Microsoft Azure

With Microsoft Azure challenging Amazon Web Services (AWS) for market share, there has been no better time for IT professionals to broaden and expand their knowledge of Microsoft’s flagship virtualization and cloud computing service. Microsoft Azure Infrastructure Services for Architects: Designing Cloud Solutions helps readers develop the skills required to understand the capabilities of Microsoft Azure for Infrastructure Services and implement a public cloud to achieve full virtualization of data, both on and off premise. Microsoft Azure provides granular control in choosing core infrastructure components, enabling IT administrators to deploy new Windows Server and Linux virtual machines, adjust usage as requirements change, and scale to meet the infrastructure needs of their entire organization. 

This accurate, authoritative book covers topics including IaaS cost and options, customizing VM storage, enabling external connectivity to Azure virtual machines, extending Azure Active Directory, replicating and backing up to Azure, disaster recovery, and much more. New users and experienced professionals alike will:

  • Get expert guidance on understanding, evaluating, deploying, and maintaining Microsoft Azure environments from Microsoft MVP and technical specialist John Savill
  • Develop the skills to set up cloud-based virtual machines, deploy web servers, configure hosted data stores, and use other key Azure technologies
  • Understand how to design and implement serverless and hybrid solutions
  • Learn to use enterprise security guidelines for Azure deployment 

Offering the most up to date information and practical advice, Microsoft Azure Infrastructure Services for Architects: Designing Cloud Solutions is an essential resource for IT administrators, consultants and engineers responsible for learning, designing, implementing, managing, and maintaining Microsoft virtualization and cloud technologies.

Table of Contents

Introduction xix

Chapter 1 The Cloud and Microsoft Azure Fundamentals 1

The Evolution of the Datacenter 1

Introducing the Cloud 2

The Private Cloud and Virtualization 4

Types of Service in the Cloud 10

Microsoft Azure 101 13

Microsoft Datacenters and Regions 14

Microsoft Network 24

Azure Resource Providers 26

Getting Access to Microsoft Azure 30

Free Azure Trials and Pay-as-You-Go 31

Azure Benefits from Visual Studio Subscriptions 31

Enterprise Enrollments for Azure 33

Reserved Instances and Azure Hybrid Benefit 37

Reserved Instances 37

Azure Hybrid Benefit 39

Increasing Azure Limits 40

The Azure Portal 41

Portal Basics 42

Azure Portal Dashboards 45

Chapter 2 Governance 47

What is Governance? 47

Understanding Governance Requirements in Your Organization 49

Azure Subscriptions and Management Groups 52

Subscriptions 52

Management Groups 55

Resource Groups 62

Role-Based Access Control 63

Naming Conventions 69

Using Tags 70

Azure Policy 75

Azure Templates 80

Azure Blueprints 83

Azure Resource Graph 86

Cost Management 88

Visibility 89

Accountability 91

Optimization 93

Chapter 3 Identity 95

The Importance of Identity 95

A Brief Refresher on Active Directory 97

Using Cloud Services, Federation and Cloud Authentication 98

Federation 98

Cloud Authentication and Authorization 101

Azure Active Directory Fundamentals 103

Azure AD SKUs 106

Populating Azure AD 108

Azure AD B2B 122

Azure AD Authentication Options 128

Azure AD Groups 137

Azure AD Entitlements and Application Publishing 138

Chapter 4 Identity Security and Extended Identity Services 145

Azure AD Security 145

Multi-Factor Authentication 145

Password Policies 149

Azure AD Conditional Access 150

Azure AD Identity Protection 153

Azure AD Log Inspection 154

Azure AD Privileged Identity Management 156

Azure Advanced Threat Protection 158

Azure AD Application Proxy 158

Azure AD B2C 160

Active Directory in the Cloud 162

Active Directory Site Configuration 163

Placing a Domain Controller in Azure 164

Azure AD Domain Services 167

Chapter 5 Networking 171

Connectivity 171

Virtual Networks 171

Adding a VM to a Virtual Network 174

NIC IP Configurations 174

Reserved IPs for VM 176

Accelerated Networking 177

Azure DNS Services and Configuration Options 177

Connecting Virtual Networks 178

Connectivity to Azure 181

Azure Virtual WANs and ExpressRoute Global Reach 193

PaaS VNet Integration 194

Protection 196

Network Security Groups and Application Security Groups 196

Firewall Virtual Appliances 199

Distributed Denial-of-Service Protection 202

Delivery 202

Intra-Region Load Balancing 203

Inter-Region Load Balancing 206

Monitoring 210

Chapter 6 Storage 213

Azure Storage Services 213

Azure Storage Architecture 213

Using Storage Accounts and Types of Replication 215

Storage Account Keys 219

Azure Storage Services 221

Storage with Azure VMs 235

VM Storage Basics 235

Temporary Storage 236

Managed Disks 237

Bulk Data Options 242

Azure Import/Export and Azure Data Box Disk 242

Azure Data Box 242

Azure Data Box Gateway and Data Box Edge 242

Azure Database Offerings 243

Azure SQL Database 243

Azure Cosmos DB 246

Chapter 7 Azure Compute 249

Virtual Machines 249

Fundamentals of IaaS 249

Types of Virtual Machines 252

Azure VM Agent and Extensions 258

Boot Diagnostics 260

Ephemeral OS Disks 261

Proximity Placement Groups 262

Virtual Machine Scale Sets 263

Low-Priority VMs 264

Azure Dedicated Host 264

Windows Virtual Desktop 265

VMware in Azure? 265

Platform as a Service Offerings 266

Containers 266

Azure Application Services 275

Azure Serverless Compute Services 278

Chapter 8 Azure Stack 281

Azure Stack Foundation 281

Azure Stack 101 281

Services Available on Azure Stack 284

How to Buy Azure Stack 285

When to Use Azure Stack 287

Managing Azure Stack 288

How to Interact with Azure Stack 288

Marketplace Syndication 290

Plans, Offers, and Subscriptions 292

Updating Azure Stack 294

Privileged Endpoint and Support Session Tokens 295

Understanding Azure Stack HCI 296

Chapter 9 Backup, High Availability, Disaster Recovery, and Migration 297

Availability 101 297

Distinguishing High Availability vs. Disaster Recovery vs. Backup 297

Understanding Application Structure and Requirements 299

Architecting for Multi-Region Application Deployments 301

Backups in Azure 305

Thinking About Backups 305

Using Azure Backup 307

High Availability in Azure 311

Disaster Recovery in Azure 312

On-Premises Disaster Recovery 313

On Premises to Azure Disaster Recovery 314

Azure to Azure 317

Migrating Workloads to Azure 318

Migration Benefits 319

Migration Approaches 320

Migration Phases 320

Chapter 10 Monitoring and Security 325

Azure Monitoring 325

Why Monitor? 325

Types of Telemetry in Azure 326

Azure Monitor Fundamentals 329

Azure Monitor Logs Fundamentals 334

Alerting 341

Security in Azure 350

Advanced Threat Protection (ATP) 350

Azure Security Center (ASC) 353

Azure Sentinel 355

Keeping Secrets with Azure Key Vault and Managed Identities 357

Chapter 11 Managing Azure 359

Command Line, Scripting, and Automation with Azure 359

Using PowerShell with Azure 360

Using the CLI with Azure 370

Leveraging Azure Cloud Shell 371

Automating with Azure Automation and Azure Functions 376

Deploying Resources with ARM JSON Templates 383

Everything is JSON 383

Anatomy of an ARM JSON Template 386

Template Tips 389

Additional Useful Technologies for Azure Management 393

Azure Bastion Host 393

Windows Admin Center 395

Chapter 12 What to Do Next 399

Understanding and Addressing Azure Barriers 399

Building Trust 400

Understanding Risks for Azure 400

Why You Should Use Azure and Getting Started 408

Understanding Azure’s Place in the Market 408

First Steps with Azure IaaS 411

Index 415

Authors

John Savill