Designing and implementing Microsoft Azure networking solutions : exam ref AZ-700 preparation guide / David Okeyode.

Format:

Book

Author/Creator:

Okeyode, David, author.

Language:

English

Subjects (All):

Microsoft Azure (Computing platform)--Examinations--Study guides.

Microsoft Azure (Computing platform).

Cloud computing--Examinations--Study guides.

Cloud computing.

Physical Description:

1 online resource (524 pages)

Edition:

1st ed.

Place of Publication:

Birmingham, England : Packt Publishing Ltd., [2023]

Biography/History:

Okeyode David: David is the EMEA Azure CTO at Palo Alto Networks. Before that, he was an independent consultant helping companies secure their Azure environments through private expert level trainings and assessments. He has authored two books on Azure security - "Penetration Testing Azure for Ethical Hackers" and "Microsoft Azure Security Technologies Certification and Beyond. He has also authored multiple cloud computing courses for popular platforms like LinkedIn Learning. He holds over 15 cloud certifications and has over a decade of experience in Cybersecurity (consultancy, design, implementation). David is married to a lovely girl who makes the best banana cake in the world. They love travelling the world together!

Summary:

Pass the AZ-700 exam effortlessly with this comprehensive guide to Azure networking, covering all aspects of architecting, implementing, and managing Azure virtual networks Purchase of the print or Kindle book includes a free PDF eBookKey FeaturesCreate and deploy a secure Azure network and implement dynamic routing and hybrid connectivityMaster Azure network design for performance, resilience, scalability, and securityEnhance your practical skills with hands-on labs aligned to the AZ-700 Network Engineer certificationBook DescriptionDesigning and Implementing Microsoft Azure Networking Solutions is a comprehensive guide that covers every aspect of the AZ-700 exam to help you fully prepare to take the certification exam. Packed with essential information, this book is a valuable resource for Azure cloud professionals, helping you build practical skills to design and implement name resolution, VNet routing, cross-VNet connectivity, and hybrid network connectivity using the VPN Gateway and the ExpressRoute Gateway. It provides step-by-step instructions to design and implement an Azure Virtual WAN architecture for enterprise use cases. Additionally, the book offers detailed guidance on network security design and implementation, application delivery services, private platform service connectivity, and monitoring networks in Azure. Throughout the book, you’ll find hands-on labs carefully integrated to align with the exam objectives of the Azure Network Engineer certification (AZ-700), complemented by practice questions at the end of each chapter, allowing you to test your knowledge. By the end of this book, you’ll have mastered the fundamentals of Azure networking and be ready to take the AZ-700 exam.What you will learnRecap the fundamentals of Azure networkingDesign and implement name resolutionImplement cross-VNet and VNet internet connectivityBuild site-to-site VPN connections using the VPN gatewayCreate an ExpressRoute connectionSecure your network with Azure Firewall and network security groupsImplement private access to Azure servicesChoose the right load balancing option for your networkWho this book is forWhether you're an Azure network engineer or a professional looking to enhance your expertise in designing and implementing scalable and secure network solutions, this book is an invaluable resource. A basic understanding of cloud solutions will help you to get the most out of this book.

Contents:

Cover

Title Page

Copyright

Dedication

Contributors

Table of Contents

Preface

Part 1: Design and Implement Core Networking Infrastructure in Azure

Chapter 1: Azure Networking Fundamentals

Technical requirements

Understanding Azure VNet

Azure VNet versus traditional networks

Planning Vnet naming

Planning VNet location

Planning Vnet IP address spaces

Planning Vnet subnet segmentation

Working with platform services in subnets

Hands-on exercise - creating a single-stack VNet in Azure

Task 1 - creating the CharisTech resource group

Task 2 - creating the CoreServicesVNet VNet and subnets

Task 3 - verifying the creation of the VNet and subnets

Hands-on exercise - creating a dual-stack VNet in Azure

Task 1 - creating the dual-stack EngineeringVNet VNet and subnets

Task 2 - verifying the creation of the dual-stack VNet and subnets

Understanding private IP address assignment for subnet workloads

Hands-on exercise - determining the VM location and sizes for future exercises

Task 1 - determining the CPU quota limits for recommended subscription regions

Hands-on exercise - exploring private IP assignments

Task 1 - deploying VMs with dynamic and static private IP assignments

Hands-on exercise - cleaning up resources

Summary

Further reading

Chapter 2: Designing and Implementing Name Resolution

A hands-on exercise - provisioning resources for the chapter's exercises

Name resolution scenarios and options

Internal name resolution scenarios and options

Option 1 - Azure-provided name resolution

A hands-on exercise - exploring Azure-provided name resolution

Option 2 - customer-managed DNS servers

A hands-on exercise - implementing a customer-managed DNS server

Option 3 - Azure Private DNS.

A hands-on exercise - implementing Azure Private DNS

Option 4 - Azure Private DNS Resolver and Azure Private DNS zones

External name resolution scenarios and options

A hands-on exercise - implementing Azure Public DNS

A hands-on exercise - clean up resources

Chapter 3: Design, Implement, and Manage VNet Routing

Understanding the default routing for Azure VNet workloads

Understanding default routing for dual-stack subnets

Hands-on exercise - provisioning resources for the chapter's exercises

Hands-on exercise - explore the default routing of Azure subnet workloads

Modifying the default routing behavior

Implementing custom routing with user-defined routes

Hands-on exercise - route network traffic with a route table

Implementing dynamic custom routing with BGP

Hands-on exercise - implementing BGP dynamic routing with Azure Route Server

Route selection and priority

Chapter 4: Design and Implement Cross-VNet Connectivity

Understanding cross-VNet connectivity options

Connecting VNets using VNet peering

Planning VNet peering implementation

Understanding VNet peering architecture considerations

Understanding VNet peering and transitive routing

Configuring VNet peering

VNet peering in a hub-and-spoke architecture

Connecting VNets using a VPN gateway connection

Understanding VPN Gateway architecture considerations

Connecting VNets using a vWAN

Hands-on exercise - provisioning resources for the chapter

Task 1 - initializing the template deployment in GitHub

Hands-on exercise - implementing cross-region VNet connectivity using the vWAN

Task 1 - creating a vWAN.

Task 2 - creating a virtual hub in each VNet location in the vWAN

Task 3 - connecting the VNets to the regional virtual hubs

Task 4 - verifying effective routes on the VNets and the virtual hubs

Task 5 - verifying the connectivity between the VNets

Comparing the three cross-VNet connectivity options

Hands-on exercise - clean up resources

Part 2: Design, Implement, and Manage Hybrid Networking

Chapter 5: Design and Implement Hybrid Network Connectivity with VPN Gateway

Understanding Azure hybrid network connection options

Understanding the Azure VPN gateway

Choosing the right VPN gateway SKU and generation

Selecting between route-based or policy-based VPN types

Selecting high-availability options for VPN connections

Understanding third-party device compatibility

Hands-on exercise - provision resources for chapter exercises

Task 1: Initialize template deployment in GitHub, complete parameters, and deploy the template to Azure

Hands-on exercise: implement a BGP-enabled VPN connection in Azure

Task 1: Create the gateway subnet

Task 2: Deploy the VPN gateway into the subnet (with an existing public IP)

Task 3: Create the local network gateway

Task 4: Configure the VPN connection

Task 5: Verify VPN connection status and BGP peering

Task 6: Verify connectivity between the on-premises network and the Azure VNet

Understanding point-to-site connections

Defining a connection pool for P2S VPN connectivity

Selecting the tunnel type(s) for P2S VPN connectivity

Selecting the authentication type for P2S VPN connectivity

Hands-on exercise - implement a P2S VPN connection with Azure certificate authentication

Task 1: Connect to the remote user's PC via RDP

Task 2: Configure the P2S VPN gateway settings.

Task 3: Configure settings for VPN clients

Task 4: Verify connectivity between the remote PC and the Azure VNet

Troubleshoot Azure VPN Gateway using diagnostic logs

Chapter 6: Designing and Implementing Hybrid Network Connectivity with the ExpressRoute Gateway

Understanding what ExpressRoute is and its main use cases

Choosing between private peering and public peering

Understanding ExpressRoute components

Deciding on an ExpressRoute connectivity model

Understanding the provider model

Understanding the ExpressRoute direct model

Selecting the right ExpressRoute circuit SKU

Selecting the right ExpressRoute gateway SKU

Implementing ExpressRoute with zone redundancy

Modifying a gateway SKU

Implementing the gateway subnet

Improving data path performance with ExpressRoute FastPath

Understanding FastPath unsupported scenarios

Configuring FastPath for new or existing connections

Designing and implementing cross-network connectivity over ExpressRoute

Enhancing cross-network connectivity using VNet peering

Enhancing cross-network connectivity using multiple ExpressRoute VNet connections

Enhancing cross-network connectivity using ExpressRoute Global Reach

Understanding the implementation of encryption over ExpressRoute

Understanding the implementation of BFD

Hands-on exercise - implementing an ExpressRoute gateway

Task 1 - create a VNet and gateway subnet

Task 2 - deploy the ExpressRoute VNet gateway service

Task 3 - create and provision an ExpressRoute circuit

Task 4 - retrieve your service key (you need to send this to your SP)

Task 5 - check serviceProviderProvisioningState status

Task 6 - connect the ExpressRoute gateway to the ExpressRoute circuit.

Task 7 - deprovision an ExpressRoute circuit

Task 8 - clean up resources

Chapter 7: Design and Implement Hybrid Network Connectivity with Virtual WAN

Designing a scalable network topology in Azure

The standard hub-and-spoke topology

The Azure vWAN hub-and-spoke topology

Understanding the design considerations of a vWAN hub

Selecting the regions for the VWAN hub

Selecting an IP address space for the VWAN hub

Configuring the routing infrastructure for the VWAN hub

Configuring the VWAN hub routing preference

Connecting VNets together using VWAN

Understanding the routing and SD-WAN configuration in a virtual hub

Understanding VNet connection route table association

Understanding VNet connection route propagation

Implementing BGP peering between an NVA and a virtual hub

Implementing a third-party SD-WAN NVA in a virtual hub

Hands-on exercise 1 - provision resources for chapter exercises

Task 1 - initialize template deployment in GitHub

Configuring Site-to-Site connectivity using VWAN

Understanding the scalability considerations of a VWAN hub S2S VPN

Understanding the availability considerations of a VWAN hub S2S VPN

Understanding the performance considerations of a VWAN hub S2S VPN

Hands-on exercise 2 - implement site-to-site VPN connectivity using VWAN

Task 1 - add a site-to-site gateway to VWAN

Task 2 - create a VPN site in VWAN

Task 3 - connect the VPN site to a VWAN hub

Task 4 - obtain VPN configuration information

Task 5 - configure the "on-premises" VPN device

Task 6 - verify routes and connectivity to the "on-premises" site through VWAN

Task 7 - clean up the resources

Implementing a global transit network architecture using VWAN

Understanding the security considerations of a virtual hub.

Approach 1 - deploy Azure Firewall in the virtual hub.

Notes:

Description based upon print version of record.

Chapter 4: Design and Implement Cross-VNet Connectivity

Includes bibliographical references and index.

Description based on print version record.

ISBN:

9781803244174

1803244178

OCLC:

1393308664