1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Exam Prep 70-533: Implementing Microsoft Azure Infrastructure Solutions

Using Azure Virtual Networks

Contents

keyboard_tab
Overview of the course
1
Course Intro
PREVIEW53s
2
Course Overview
PREVIEW1m 42s
play-arrow
Start course
Overview
DifficultyIntermediate
Duration56m
Students797

Description

Exam Prep 70-533: Implementing Microsoft Azure Infrastructure Solutions

The purpose of this course is to help prepare you for the Microsoft Azure 70-533 Exam. This course focuses on key points that are meant to fill in the learning gaps for those who already have a base foundational knowledge of Microsoft Azure.

What You'll Learn in this Exam Prep 70-533

Lesson What you'll learn
Overview of the Course Overview of the course and the Learning Objectives
About the 70-533 Exam Learn about the exam, its objectives, and certification paths
Design and Implement Azure App Service Apps Discuss App Service Plans and Web Apps
Create and Manage ARM Virtual Machines Understand ARM VMs, pricing, resiliency and configuration limits
Design and Implement a Storage Strategy Learn to Implement Azure Storage, SQL Databases, and Recovery Services
Implement an Azure Active Directory Discuss Azure AD, tools, App integration, and monitoring
Implement Virtual Networks Learn about Azure networking and cross-site connectivity
Design and Deploy ARM Templates Learn about ARM Templates and Deployment options
Summary Course summary including Exam Tips and Tricks

 

Transcript

When you work with Azure Virtual Networks there are several common features IT Pros will implement. There are UDRs which route traffic and NSGs which block traffic both of which are easily configurable from the Portal, PowerShell, and the Azure CLI. These are simple enough that you should definitely give these a try if you haven’t already.

Mentioned a bit earlier Azure virtual machines can have multiple network interfaces and each NIC can be on different Subnets within a VNet. Make sure you know how virtual machine IP Addressing works and how to create both Private and Public Static IP addresses. By default VMs on a VNet obtain a Private IP based on internal Azure DHCP for example.
It’s also very common for IT Pros to deploy network virtual appliances often from 3rd party VM images to perform firewall and packet-level inspection and typically used in a VPN Gateway scenario as traffic passes from one network to another.

Speaking of cross-network connectivity, for the exam, you want to be familiar with what’s available in Azure in terms of connecting different network sites whether it be on-premises to Azure or Azure to Azure and their limitations.

For example a Site-to-Site connection is your typical on-premises to Azure Connection and although traffic technically passes over the internet, this is a private connection traffic is encrypted and secured through IPSec tunnels. Designated networks on-premises will have access to a particular virtual network in Azure and vice-versa. The important point here is that your Azure virtual network address space must not overlap with your on-premises address spaces and each knows about the other during configuration.

A Point-to-Site connection is like a Site-to-Site connection however it’s for connecting an individual client computer to an Azure virtual network. In both Site-to-Site and Point-to-Site connections an Azure VPN Gateway is used which can be configured to use a Policy-based Static Gateway, or a Route-based Dynamic gateway. If you ask me Route-based dynamic gateways are always the way to go if you can which enables you to do multi-site connectivity for example have two different on-prem sites connect and use the same VPN Gateway to connect to the same Azure network. This is a huge feature for many IT organizations.

VNet Peering is an Azure-to-Azure connection which doesn’t have to use VPN Gateways for connectivity across Azure VNets. But I should note that if you did want to use Azure VPN Gateways like in the case of on-premises connectivity you can do this between two Azure networks in what’s called VNet-to-VNet connectivity. VNet Peering is a newer Azure technology and may be more convenient for you if it meets your business requirements.

ExpressRoute is your premium High-bandwidth, Low-latency connection between Azure Datacenters and on-premises. This traffic, unlike your typical VPN Gateways, do not traverse the internet but is secure, private, and most of all fast. You typically purchase this option through a Telco provider like Verizon, Equinix, Level 3, etc. to name a few and is available in several Azure regions.

About the Author

Students6019
Labs1
Courses3
Learning paths2

Chris has over 15 years of experience working with top IT Enterprise businesses.  Having worked at Google helping to launch Gmail, YouTube, Maps and more and most recently at Microsoft working directly with Microsoft Azure for both Commercial and Public Sectors, Chris brings a wealth of knowledge and experience to the team in architecting complex solutions and advanced troubleshooting techniques.  He holds several Microsoft Certifications including Azure Certifications.

In his spare time, Chris enjoys movies, gaming, outdoor activities, and Brazilian Jiu-Jitsu.