05.03.2020 – Stephen Hackers, attended the North East Azure User Group – 14th Meetup. Hosted by Frank Recruitment Group.
The core presentation was on Secure Connectivity to Azure by Matthew Bradley Chief Engineer (Azure) at ClearCloud
The session covered:
VPN Offerings, Service Endpoints, VNet Peering and Private Link
The presentation was focused on educating and sharing experiences in securing connectivity into Azure.
A key point : Security to Azure is required and it doesn’t need to come at a great expense to the business. Build it in to your solution from day 1.
Basic options start at £20 a month roughly (06.03.2020)
Bandwith is the key difference between levels
Number of S2S tunnels is mostly limited to 30 except basic is 10.
No additional cost for VNet Service Endpoints
VNet ACLs are not supported across AD tenants
Service Endpoints add a system route which takes precedence over other routes
Traffic between resources is private/isolated. Not encrypted
Network address space must not overlap
VNet peering doesn’t impose bandwiths
Connect to Azure without a public IP address
Private end points mapped to an instance of PaaS (in Preview)
Private Link works a bit like NAT, Private Link endpoint is given a private IP in the VNet of the source
IP ranges can overlap
Small event, around 45 technical Azure focused people attended. Keeping the event simple with one good presentation. There are a great community bunch attending this up and coming North East Azure User Group. Thanks to Frank Recruitment Group for hosting the event and essential beer and pizza. Having a recruitment company hosting, minimal sales pitch was a double win. We did discuss careers a little too at the end (in the optional pub near by).