05.03.2020 – Stephen Hackers, attended the North East Azure User Group – 14th Meetup. Hosted by Frank Recruitment Group.
The core presentation was on Secure Connectivity to Azure by Matthew Bradley Chief Engineer (Azure) at ClearCloud
The session covered:
VPN Offerings, Service Endpoints, VNet Peering and Private Link
The presentation was focused on educating and sharing experiences in securing connectivity into Azure.
A key point : Security to Azure is required and it doesn’t need to come at a great expense to the business. Build it in to your solution from day 1.
Presentation Notes
VPN offerings:
- Basic options start at £20 a month roughly (06.03.2020)
- Bandwith is the key difference between levels
- Number of S2S tunnels is mostly limited to 30 except basic is 10.
Service Endpoints:
- No additional cost for VNet Service Endpoints
- VNet ACLs are not supported across AD tenants
- Service Endpoints add a system route which takes precedence over other routes
VNet Peering:
- Traffic between resources is private/isolated. Not encrypted
- Network address space must not overlap
- VNet peering doesn’t impose bandwiths
Private Link
- Connect to Azure without a public IP address
- Private end points mapped to an instance of PaaS (in Preview)
- Private Link works a bit like NAT, Private Link endpoint is given a private IP in the VNet of the source
- IP ranges can overlap
Summary
Small event, around 45 technical Azure focused people attended. Keeping the event simple with one good presentation. There are a great community bunch attending this up and coming North East Azure User Group. Thanks to Frank Recruitment Group for hosting the event and essential beer and pizza. Having a recruitment company hosting, minimal sales pitch was a double win. We did discuss careers a little too at the end (in the optional pub near by).
Looking forward to the next event. For anyone wishing to attend https://www.meetup.com/North-East-Azure-User-Group/