Category Archives: Azure

Allgemein, Azure, Azure Arc, Azure Governance, Azure Security, Cloud, Community, Events, Microsoft

Speaking at Scottish Summit 2021 about Azure Policy and Azure Security Center

Leave a comment

I am pleased to have received an invitation to speak at the upcoming Scottish Summit 2021. The Scottish Summit was estabhlished in 2020. This year the conference is becoming an online-only conference and will be streamed on all social media channels. The conference itself is growing into a really big conference with many parallel tracks with different language. The main conference starts on Saturday 27/02/21 and there will be many sessions on Microsoft Cloud services (like Azure, M365 and so on).

Azure Governance is an important topic for any customer using cloud resources. In my session, I will show the power of Azure Policy and Azure Security Center to define guardrails for your Azure environment and bring it into a compliant and secure state. I will go live with my session at Saturday 27/02/21 starting 1PM. If you are interested in how Azure Policy and Azure Security Center work together and how these services are handled, please feel free to join my session and ask questions.

There are quite a few Microsoft Cloud sessions planned for the Conference. Go to the website, plan your agenda and grab your ticket. There’s also an App available for iOS and Android. I hope to see you there.

Active Directory, Allgemein, Azure, Azure Active Directory, Azure Files, Azure Network, Cloud, Community, Events, Microsoft, Remotedesktop, Windows Virtual Desktop

Speaking at WVD Tech Fest 2021 about Azure Files

1 Comment

Due do the covid pandamy, many organizations in Germany are in a challenging phase as many employees need to be given the opportunity to work from home. Many companies have not yet made this option available to their employees, or only to a few. Microsoft has created a new option with Windows Virtual Desktop to give employees the ability to work from anywhere and the clients are always hosted in Azure and accessible via an app or browser.

I am very happy to have received an invitation to the WVD Tech Fest. The first conference only focusing on WVD with three parallel tracks around everything you need to know about Windows Virtual Desktop. The agenda is pretty complete and the organizers Simon Binder and Patrick Köhler are doing a great job. The conference will take place on 25/02/21 and is free. So take a look at the Website, plan your Agenda and grab your Ticket.

Azure Files is one of my favorite topics and due to many WVD projects in the past, I will address the question is Azure Files the optimal WVD profile store solution. And I can say: it depends – but you will learn more in my session on Thursday between 10:50 – 11:20 AM 🙂

Take this oppurtunity to learn more about Windows Virtual Desktop and hopefully this can be a solution for your organization to enable more people to work from anywhere and get everyone safely through these challenging time. I hope to see many of you there 🙂

Allgemein, Azure, Azure Automanage, Azure Backup, Azure Bastion, Azure Governance, Azure Monitor, Azure Network, Azure Security, Azure VM, Cloud, Community, Microsoft, Windows Server

Azure VM Best Practices

6 Comments

Last year Gregor Suttie and Richard Hooper launched the Azure Advent Calendar and I got to support with a session on Azure Bastion. This year they improved on the idea with the Festive Tech Calendar. I’m happy to be back with an article on Azure VM best practices. I hope you find the article helpful and I would appreciate feedback.

Over the past few months, I have conducted many customer workshops, designed and implemented Landing Zones, and migrated or placed VMs into Azure. One of the most common customer questions has been about best practices for Azure VMs to maximize performance and efficiency, minimize costs, increase security, and reduce management overhead. This article is based on my real-world experience and recommendations based on several Azure projects.

Continue reading Azure VM Best Practices
Active Directory, Allgemein, Azure, Azure Files, Cloud, Microsoft, Windows Virtual Desktop

Azure Files enabled AD DS SMB authentication Best Practices and all you need to know

1 Comment

02/03/2022 Update 1

There are some improvements and changes in the AzFilesHybrid module, I updated the article with this changes.

The Azure Files Teams announced the availability of joining Azure Fileshares to AD DS since February 2020. This brings a lot of new possibilites, like to move Fileservers directly to a hosted SMB solution or deploy WVD Profiles directly on Azure Fileshares.

Microsoft did a lot of work to bring this solutions to live, but there are some challenges and pitfalls to activate and maintain the service. In this article I will go in a short way over all related considerations for Azure Fileshares AD DS authentication. Please note this article only focus to enable Azure Files for Active Directory Domain Services – not Azure AD or Azure AD DS.

Continue reading Azure Files enabled AD DS SMB authentication Best Practices and all you need to know
Allgemein, Azure, Cloud, Community, Events, Microsoft

Festive Calendar 2020 – Thanks Gregor and Richard for a great Advent Idea

Leave a comment

Last year my Community buddies Gregor Suttie and Richard Hooper has the great Idea to start the Azure Advent Calendar. A Advent Calender with 48 different Sessions to Azure related topics. I had the pleasure to held a session about Azure Bastion.

This year Gregor and Richard take this to a new level and create the Festive Calendar. An Adventcalendar with around 85 different sessions around the Microsoft 365 world.

The Calendar has started today with the yearly POM deliverd by Isidora Katanic (BTW: Greetings to the well deserved MVP award) and introduction from Amy Boyd and Adam Jackson.

This year I have the pleasure to hold a session again about Azure …… at the ….! Psst – I do not say when and which topic so it is a an Advent suprise. Take a look at the daily Festivecalendar website to see what amazing session surprises are behind the door 🙂

You can also follow the @_CloudFamily Account at Twitter to get notified when new sessions are available or you follow the tag #FestiveTechCalendar for the latest updates.

Thanks again to Gregor Suttie and Richard Hooper for this great community driven Idea – Love IT.

Allgemein, Azure, Azure Active Directory, Azure Governance, Azure Security, Cloud, Community, Meetup, Microsoft

Speaking with Thomas Naunheim at GermanyClouds Meetup about Azure Governance Best Practices

Leave a comment

In the past Thomas Naunheim and I do a lot of architecture and designing prinicple for integrating Azure in company environments. We have the idea to create a Azure Governance Best Practices session in the last couple of months to give the community our insights and best practices for Starting/Integrating Azure environments. The goal is to give you insights, where you can find the best documentations to start with a Cloud journey and which technical Azure features help to bring and hold your environment in an compliant and secure state.

The session contains the following topics:

  • Cloud Adoption Framework
  • Well-architecture Framework
  • Insights about Azure Policies and Azure Security Center
  • Azure Enterprise Scale architecture
  • Azure Ops
  • Identity and Access Management

We are exited to hold the session at the GermanyClouds Meetup on november 26. Did you interested in this topics or you are in the beginning or implementig phase, join us. We will happy to see you there and get your questions.

The session will not been recorded.

Allgemein, Azure, Azure Bastion, Azure Network, Azure Security, Cloud, Microsoft

Azure Bastion now supports VNET Peering

8 Comments

Update 2 on 01/12/2021

Microsoft has changed the #AzureBastion minimum subnet size from /27 to /26. Installed #Azure Bastion are unaffected, but new deployments require the new subnet size. Please remember this. https://docs.microsoft.com/en-us/azure/bastion/bastion-faq#subnet

Update – 12/2020

Azure Bastion is now available in West Germany Central.

Azure Bastion is a service to avoid deployment own Jumphosts and reach Azure VMs over the Management Ports (SSH and RDP) in a secure way without the need to assign Public IPs directly to Azure VMs.

Azure Bastion got a really big improvement and now supports Azure VNET Peering. This includes all VNET peering models, inside a single subscription and VNET peering across different subscriptions.

Continue reading Azure Bastion now supports VNET Peering
Allgemein, Azure, Azure File Sync, Azure Files, Cloud, Community, Events, Microsoft, Sharepoint, Windows Server 2016

Zu Gast beim Geeksprech Podcast zu Azure Files

Leave a comment

Am vergangenen Freitag hatte ich das Vergnügen zu Gast beim Geeksprech Podcast von meinen Community Freunden Eric Berg und Alexander Benoit zu sein.

In der Folge gehen wir auf die vielfältigen Themen zu Azure Files ein. Dazu gehören natürlich u.a. die neuen Tiering Modelle, wie ich Azure Fileshares bereitstelle, welche Vorteile Azure File Sync mir bietet und wie ich vorhandene Fileserver nach Azure migriere und dort weiterhin die vorhandenen Windows ACLs nutzen kann. Sharepoint kam übrigens auch mehrfach zur Sprache – ich kann mich einfach nicht davon trennen 🙂

Es war mein erster Podcast und ich muss sagen, es war eine tolle Erfahrung und ich hatte viel Spaß mit Eric zu den verschiedenen Themen rund um Azure Files.

Wer reinhören mag findet unten die Folge. Weitere Spannende Folgen und viele Infos findet ihr direkt auf der Geeksprech Podcast Website.

Allgemein, Azure, Azure File Sync, Azure Files, Cloud, Microsoft

Azure Files Improvements – new Tiers and Soft Delete

1 Comment

In the last couple of Months Microsoft brings a lot of new capabilites to Azure Files. From AD DS SMB autentication over new Tiers to Soft delete, there are many improvments for Azure Files. This article will introduce the latest announcement you need to know and which workloads are addressed with the new features.

Until now, Azure Files were divided into two Tiers – Standard and Premium. At the Ignite 2019, Microsoft announced additional Tiers in order to cover requirements more optimally. However, the integration of the new Tiers was delayed due to the challenges this year. These have been available for a few weeks now. Azure Files offers 4 different Tiers with different performance capabilities and pricing now. This Tiers are called:

  • Premium
  • Transaction optimized (formerly known as Standard)
  • Hot
  • Cool
Continue reading Azure Files Improvements – new Tiers and Soft Delete
Allgemein, Azure, Azure Active Directory, Azure Network, Cloud, Microsoft

Azure VPN AAD P2S Error Server did not respond properly to vpn control packets resolved

9 Comments

In the last few days I have created some Azure Landingzones. To secure access to Azure resources within the landing zone with different users, customers use a P2S connection through the Azure VPN Gateway using Azure AD for authentication.

Sometimes I see some mistakes in the Azure VPN Point-to-site configuration blade that results in the Error: “Server did not respond properly to vpn control packets” when trying to connect to the VPN Gateway over the Azure VPN Client.

These error messages are often due to incorrect settings in the basic settings. To resolve this issue it is really important to configure the three points: Tenant & Audience & Issuer correctly.

Please pay close attention to the following settings:

  • The Tenant field must be specified in the following notation “https://login.microsoftonline.com/your-Azuread-Tenant-ID-here/” at the end do not miss the backforwardslash /
  • Audience field must be only contains the Enterprise Application ID of the Azure VPN client (this is the same for all Tenants) “41b23e61-6c1e-4545-b367-cd054e0ed4b4” without any other characters or spaces
  • The Issuer field must be specified in the following notation “https://sts.windows.net/your-Azuread-Tenant-ID-here/” at the end do not miss the backslash /

Please be aware of the difference between the Tenant- (begins with https://login….) and Issuer field (begins with https://sts.win…).

Please contact me if you have any questions or if you find further errors and solutions 🙂

Links