Azure Networking: Innovative Features and Multi-VNet TopologiesMarius Zaharia
Are you looking to deploy a more complex structure of resources in Azure, all secured and segregated by precise boundaries while closely communicating with each other? Following the arrival of the advanced IaaS networking features in Azure (network security groups, routing, multi-NIC, …) and their maturation in the last months, here is the moment for you to find a modern architectural vision of networking in Azure, with focus on multi-VNET / VPN topologies, and based on ARM deployment model.
Part 01: Azure Virtual Networks – An OverviewNeeraj Kumar
A virtual network in Azure is similar to the network that we have in our on-premises environment, helping us connect different resources. The azure network helps us connect virtual machines (VMs), create a connected system as a part of a FARMs so that they can communicate with each other, and talk to the on-premises systems as well in special connected scenarios.
This is the Part 1 of the Azure Virtual Networking Servies and is the part of the AZ-100 certification examination, and it provides an overview of the vNet, and the components of the virtual network that an Azure Administrator has to deal with on a daily basis.
Azure Networking: Innovative Features and Multi-VNet TopologiesMarius Zaharia
Are you looking to deploy a more complex structure of resources in Azure, all secured and segregated by precise boundaries while closely communicating with each other? Following the arrival of the advanced IaaS networking features in Azure (network security groups, routing, multi-NIC, …) and their maturation in the last months, here is the moment for you to find a modern architectural vision of networking in Azure, with focus on multi-VNET / VPN topologies, and based on ARM deployment model.
Part 01: Azure Virtual Networks – An OverviewNeeraj Kumar
A virtual network in Azure is similar to the network that we have in our on-premises environment, helping us connect different resources. The azure network helps us connect virtual machines (VMs), create a connected system as a part of a FARMs so that they can communicate with each other, and talk to the on-premises systems as well in special connected scenarios.
This is the Part 1 of the Azure Virtual Networking Servies and is the part of the AZ-100 certification examination, and it provides an overview of the vNet, and the components of the virtual network that an Azure Administrator has to deal with on a daily basis.
These are slides from an introductory session for Microsoft Azure done at IIT Sri Lanka giving the students hands-on exposure to Microsoft Azure. Introducing them to Azure App Service and Azure Functions.
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
Nell'era moderna del cloud computing, la tendenza è di spostare sempre più frequentemente i propri workload nel cloud pubblico e di utilizzare cloud ibridi. La sicurezza è spesso un elemento inibitore per l’utilizzo di ambienti cloud. Come è possibile strutturare la topologia di rete in presenza di ambienti cloud e renderla sicura ? Si può estendere il proprio datacenter nel cloud mantenendo un elevato livello di sicurezza della rete ? Come garantire un accesso sicuro ai servizi presenti nel cloud e con quali strumenti ? Una delle principali ragioni per utilizzare Azure per le proprie applicazioni e i propri servizi è data proprio dalla possibilità di poter usufruire di un ampio set di funzionalità e di strumenti di sicurezza integrati nella platform. In questa sessione saranno presentate le security best practices in ambito network nel mondo Azure, date da un'esperienza diretta sul campo. Affrontando scenari reali saranno riportate le linee guida e gli accorgimenti utili per utilizzare al meglio le potenzialità presenti nella piattaforma, al fine di strutturare il network in Azure rispettando tutti i principi di sicurezza.
By Francesco Molfese
This is a brief introduction to Microsoft Azure cloud. I used these slides in an intro session for developers. I did few demos during the session that not included in the slide. Brand name and logos are properties of their respective owners.
Lets talk about: Azure Kubernetes Service (AKS)Pedro Sousa
Let's talk about the Azure Kubernetes Service (AKS), starting off by some background on the container's evolution through time up to the new management features provided by Azure like Azure ARC for Kubernetes. Key differences of Azure Kubernetes Service, Azure Container Instances, Web App for Containers and Containers on Azure Service Fabric.
These are slides from an introductory session for Microsoft Azure done at IIT Sri Lanka giving the students hands-on exposure to Microsoft Azure. Introducing them to Azure App Service and Azure Functions.
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
Nell'era moderna del cloud computing, la tendenza è di spostare sempre più frequentemente i propri workload nel cloud pubblico e di utilizzare cloud ibridi. La sicurezza è spesso un elemento inibitore per l’utilizzo di ambienti cloud. Come è possibile strutturare la topologia di rete in presenza di ambienti cloud e renderla sicura ? Si può estendere il proprio datacenter nel cloud mantenendo un elevato livello di sicurezza della rete ? Come garantire un accesso sicuro ai servizi presenti nel cloud e con quali strumenti ? Una delle principali ragioni per utilizzare Azure per le proprie applicazioni e i propri servizi è data proprio dalla possibilità di poter usufruire di un ampio set di funzionalità e di strumenti di sicurezza integrati nella platform. In questa sessione saranno presentate le security best practices in ambito network nel mondo Azure, date da un'esperienza diretta sul campo. Affrontando scenari reali saranno riportate le linee guida e gli accorgimenti utili per utilizzare al meglio le potenzialità presenti nella piattaforma, al fine di strutturare il network in Azure rispettando tutti i principi di sicurezza.
By Francesco Molfese
This is a brief introduction to Microsoft Azure cloud. I used these slides in an intro session for developers. I did few demos during the session that not included in the slide. Brand name and logos are properties of their respective owners.
Lets talk about: Azure Kubernetes Service (AKS)Pedro Sousa
Let's talk about the Azure Kubernetes Service (AKS), starting off by some background on the container's evolution through time up to the new management features provided by Azure like Azure ARC for Kubernetes. Key differences of Azure Kubernetes Service, Azure Container Instances, Web App for Containers and Containers on Azure Service Fabric.
This webinar session introduced the basics of Azure (topics below) allowing you to get online and start working in the Azure environment.
• Azure Portal Demo
• Azure VMs
• Azure Storage
• Azure SQL
• Azure Connectivity options to the Data Center
Azure vs AWS Best Practices: What You Need to KnowRightScale
Azure is now the clear #2 in public cloud behind AWS. While some cloud users are evaluating Azure vs. AWS, many enterprises are planning to use both cloud providers. But there are some notable differences between how the two clouds operate and the best practices for deploying workloads in each.
The Azure vs. AWS Best Practices: What You Need to Know webinar will cover:
Recent and coming enhancements for Azure.
Azure vs. AWS differences for compute, networking, and storage.
Best practices for cloud deployments in Azure and AWS.
How to use both Azure and AWS.
The Getting Started on AWS deck serves to introduce Amazon users and prospective customers to the Amazon VPC, EC2 and the concepts and components that are necessary building Fault Tolerant & High Available environments on AWS. It also serves to introduce services like Direct Connect, Router53 (Amazon DNS Service) and one of our new additions, the Amazon
Application Load Balancer (ALB). After perusing this deck, users should have a better understanding of what these services are and their propose benefits.
Network security is back! Whether you are using Azure Kubernetes Services, IaaS virtual machines, App Services, or any other PaaS feature, securing your application or data is critical to the business. Azure security is constantly evolving and how we did things even one year ago isn't necessarily the best way anymore. Learn about Azure network security, design patterns, learn what is new, and even to see some things that are coming soon.
Azure Private Link provides private connectivity from a virtual network to Azure platform as a service (PaaS), customer-owned, or Microsoft partner services.
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...Amazon Web Services
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual data center that you define. In this session you learn how to leverage the VPC networking constructs to configure a highly available and secure virtual data center on AWS for your application. We cover best practices around choosing an IP range for your VPC, creating subnets, configuring routing, securing your VPC, establishing VPN connectivity, and much more. The session culminates in creating a highly available web application stack inside of VPC and testing its availability with Chaos Monkey.
In this lesson, I provide examples of how Azure Virtual Networking components working together to create networks and how those networks connect together. This is the first and second in a series of lesson on Azure Virtual Networking.
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld
VMworld 2013
Arun Goel, VMware
Serge Maskalik, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
11. Specify DNS Servers in the Virtual Network
• Hosted in an Azure VM
• External
• On-Premises (with hybrid connection)
VMs are assigned specified DNS at boot.
TIP: if DNS is added after a virtual machine is
running, a reboot is required for assignment.
DNS
13. • A Network Security Group (NSG) is used to allow/deny traffic
• Source/Traget configurable
• Port configurable
• Can be applied on a subnet work virtual network interface
• No deep package inspection
TIP: When deploying a NSG, make sure that you deny all traffic by
default. Only allow traffic that is required.
Network Security Group
14. •Does the following situation work?
Question
FrontEnd
VM
BackEnd VM
Subnet 10.0.0.0/24
NSG
1. Allow port 80
2. Deny Any
HTTP Port 80 App Port 8080
No - NSG traffic is always handled on the NIC of a VM.
17. •A Network Virtual Appliance (NVA) can be used to
control the flow of network traffic.
• Firewall
• Load Balancing
• (Reverse) Proxy
Network Virtual Appliance
21. Service Endpoints
•Connect Public Azure Services to your VNET
• More secure, internet access to the public service can now be disabled
• At this moment available for:
• Azure Cosmos DB
• Azure SQL
• Azure SQL Data Warehouse
• Azure Storage (storage accounts and backup)
24. • Create subnets for:
• Isolation (for Dev/Test)
• Security (DMZ zone)
• Create NSGs at least for every subnet (preferred for every
network interface)
• Only allow traffic to ports that is required for your service to run.
• Use a Network Virtual Appliance to control the flow of network
traffic
Designing your Virtual Network
27. •Via VNET Peering
• Connect at least two Azure Virtual Networks trough the Azure Backbone
•Via VPN
• Traffic is routed in a secure tunnel (IPSEC) over the internet to Microsoft Azure.
• Can be used for site-to-site purposes but also client-to-site purposes.
•Via ExpressRoute
• Traffic is routed directly from your network to Microsoft Azure
• A cloud connect provider/datacenter is required
Available connection types
29. Connection between VNETS
• Uses Azure Backbone
• Low latency
• No need for gateways/NVAs
• Does not exchange all routes
• Only routes for the two connected VNETs are shared
TIP: Global VNET peering is general available, but not for all regions. Check the
regions first before deciding to use VNET peering globally.
33. VPN Connection
• Three types:
• Point-to-Site
• Site-to-Site (IPsec)
• VNET-to-VNET
• Uses VPN gateways to establish connections
• High uptimes (99,9%)
• Various SKUs available with a different bandwidth, amount connections etc.
• Almost no performance guarantees due to latency on the internet
44. •Security starts in your design
• Assume breach
•Use network components
• Network Security Groups
• Network Virtual Appliances
•Security Center
Security in your design
45. •Analyzes security health
•Network related recommendations
• Add a next generation firewall
• Route traffic through NGFW only
• Enable NSGs
• Restrict access through Internet facing endpoint
Security Center
48. Challenge
• Create a Hub-Spoke VNET topology
• Deploy two VNETs
• Connect them by using VNET peering
• Deploy one VM in a spoke VNET
• Deploy one VM in the hub VNET
• Test the connectivity between the
two VMs
Win a ticket for Experts Live
Netherlands
19 June, Cinemec Ede