What is Azure ARC and how to deploy it for on-premise (virtual) machines?

In the last few years we see an evolving hosting landscape. Emerging cloud hosting and even cloud offboarding for certain workloads. But with this increasingly complex environments we need to find a way to manage and governance our clouds. With Azure Arc you can governance, manage and maintain your...

How to deploy Entra ID Application Proxy (Manual)

Entra ID Application Proxy is a service that enables remote access to applications from any device with a web browser without the need for a VPN. It provides secure access to on-premises applications by proxying requests through the Azure cloud. One of the other features is that Entra secures...

Microsoft Entra ID Multitenant organization in public preview

Microsoft has released the ability to setup multitenant environments in Microsoft Entra. With this new feature in Microsoft Entra ID it is possible to define a group of tenants and connect them together to achieve better collaboration between the tenants. This includes the search en discovery of users across...

Windows Hello for Business and changing security policies (lessons learned)

Last weeks I had some challenges with a customer requiring more strictive PIN permissions for Windows Hello For Business. My initial thought was, I’ll just change the Intune Policy, and people will receive the new policy settings and job done. During the test phase with my own tenant, and...

Microsoft Managed Entra ID Conditional Access policies are coming to eligible tenants

In November last year, Microsoft announced the “auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage.” This means that all tenants with at least Entra ID P1 license will receive the Microsoft Managed conditional access policies with the intention to...

Enable Inter-Hub traffic Azure Virtual WAN through Azure Firewall (Manual)

Since Azure WAN came out I’ve configured multiple Azure Virtual WAN environments. But since september 2023 it is now possible to automatically assign firewall routes to all your VPN tunnels. By default traffic from 1 VPN tunnel to another VPN tunnel will bypass the firewall. With this new Inter-hub...

How to deploy Azure NAT Gateway (Manual)

Microsoft recently announced that direct internet connection for virtual machines will be deprecated at the end of September 2025. So how are we going to grant virtual machines with internet access without an Azure Firewall? We can use Azure NAT Gateway to grant internet access. So lets get started!...

Deploy Azure Firewall with Azure virtual WAN (Manual)

In the past blog I showed you how to deploy Azure Virtual WAN with a HUB (Deploy Azure Virtual WAN with Virtual HUB (Manual) | 2 Azure). Today we will continue the journey with the deployment of the Azure Firewall. Prerequisites: STEP 1: Deploy Azure Firewall policy From the...

Deploy Azure Application Gateway V2 with http to https redirect

Azure Application Gateway is an advance type of load-balancer. Where an Azure Load-balancer routes traffic on the transport layer (OSI Layer 4 | TCP + UDP) the Application Gateway is a way more advanced load-balancer. It can route based on URL as well on path’s. On top of that...

Deploy Azure MySQL Flexible Server using Private End-Points (Manual)

In this manual I am going to show you how to deploy Azure MySQL Flexible Server with data encryption enabled using a Service Managed Keys (SMK) for data at rest encryption. What is Azure MySQL Flexible Server? Azure Database for MySQL Flexible Server is a fully managed Azure database...

How to setup SFTP using Azure Blob Storage (Manual)

Since 2022 Microsoft supports the SSH FTP protocol on the Azure Blob Storage accounts. In this manual I will show you how to setup SFTP on Azure Blob storage. Before you can use SFTP, you will need to know a few things. One of them is that SFTP relies...

Setup Azure File Share with Entra ID hybrid identities

I hear a lot of people that want to get rid of their traditional file server and don’t want to move to SharePoint for various reasons. As an alternative we can use Azure File Share with integrated Entra ID authentication. This manual contains al the information required to setup...

How to setup BGP VPN connection with Azure WAN (Lessons learned)

Last few weeks I’ve been busy with setting up an Azure Virtual WAN environment with multiple VPN connections. One of them is a High available VPN with BGP connection to a Fortigate Firewall. Since this Fortigate Firewall is hosted with a 3rd party, I don’t have any screenshots or...

Redundant VPN Gateway reset (Azure WAN)

If you happen to have a redundant setup of a VPN gateway, which happens to be delivered as well with Azure Virtual WAN, you might encounter issues where you want to reset the VPN Gateway. One thing that is not clearly mentioned in the documentation, nor is it in...

Microsoft Azure Boost Preview

Last July Microsoft announced the new Azure Boost in Preview. Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS, such as networking, storage, and host management, onto purpose-built hardware and software. By separating hypervisor and host OS functions from the...

Microsoft renames Azure AD to Microsoft Entra ID

A year ago Microsoft announced the Entra product family to gain more trust and achieve higher security in every digital experience and interaction. By making the protection of identities and access an primary goal, Microsoft envisions an new era for security. With this renaming Microsoft is showing their commitment...

Get started with Azure Functions (Manual)

Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running. As you build your functions, you have...