Archive for the ‘Azure’ Category

Improvements to Azure VM backups are now available

Azure Backup now has even greater support and functionality for Azure VM backups:

  • Azure Backup is introducing restoring Unmanaged VMs/Disks as Managed VMs/Disks to provide the benefit of Managed disks for customers who are currently backing up their unmanaged disks.

For more details, please read our documentation

Restore virtual machine

  • Azure Backup now supports Replace existing disks as an option for VMs that have Managed Service Identities (MSI) Both User assigned Identities and System assigned Identities.

For more details, please read our documentation.

All the above features are generally available in all Azure regions.

Enable Azure Accelerated Networking

Azure Accelerated Networking is a new option for Azure Infrastructure as a Service (IaaS) Virtual Machine (VM) on the NIC level providing several benefits by enabling single root I/O virtualization (SR-IOV) to a VM, greatly improving its networking performance. This high-performance path bypasses the host from the datapath, reducing latency, jitter, and CPU utilization, for use with the most demanding network workloads on supported VM types. You would typically use this feature with heavy workloads that need to send or receive data at high speed with reliable streaming and lower CPU utilization. It will enable speeds of up to 25Gbps per Virtual Machine. Best of all, it’s free!

accelerated-networking

How to Enable Accelerated Networking:

You can enable this feature during initial creation of the VM, on the networking tab, you will see “Enable Accelerated Networking”. If you are unable to enable, then it is not compatible on your chosen Azure VM size. If you need to enable this feature after VM creation you will require to do so through powershell as it is not yet supported in the portal. You can do this simply with the below commands after deallocating the Virtual Machine.


Login-AzureRmAccount
$nic = Get-AzureRmNetworkInterface -ResourceGroupName “YourResourceGroupName” -Name “YourNicName”
$nic.EnableAcceleratedNetworking = $true
$nic | Set-AzureRmNetworkInterface

Then proceed to start the Virtual Machine and Accelerated Networking will be enabled.

FREE eBook – The SysAdmin Guide to Azure Infrastructure as a Service

image

Many system administrators have been working with on-premises infrastructure for their whole careers so moving to a cloud-based environment can feel like a leap of faith. However, making the leap to Azure doesn’t have to be daunting. With the right preparation it can be a smooth transition, consistent with your current on-premises configuration.

This free eBook written by veteran IT consultant and Microsoft Certified trainer Paul Schnakenberg covers all aspects of setting up and maintaining a high-performing Azure IaaS environment. It starts from the very basics, introducing key terms and features you need to get started, including migration, and goes on to explain everyday maintenance and best practices before covering more advanced features.

To get the best results from this eBook, it is recommended to follow along with the step-by-step tutorials using your own Azure subscription. If you don’t currently have access, the eBook explains how to set up a free 30-day trial alongside $200 worth of Azure resources to use and 12 months of additional free resources!

Altaro consistently delivers high-quality eBooks that are packed full of valuable guidance for system administrators and this latest eBook is no exception. If you currently use Azure IaaS or are planning to use it, this is an awesome free resource that you definitely should not miss.

Download your free eBook today

Free e-book ‘Inside Azure Management’

Download the free e-book about ‘Inside Azure Management’ right now. The Preview release of Inside Azure Management is now available, with more than 500 pages covering many of the latest monitoring and management features in Microsoft Azure!

2019-04-09_20h50_43

Microsoft Ignite The Tour Amsterdam

Last week I’ve visited Microsoft Ignite The Tour in Amsterdam. Two realy great days with a lot of new information, presentations and knowledge. There also where a couple of new announcements from Microsoft.

IMG_7579

IMG_7612

My focus was Azure IaaS, security, governance and cost control within Azure. Of course there was a lot more to see, but this event was only 2 days, so I’ve had to make choices!

Microsoft has published the slide decks online, so you can download these now! (click)

Hoppefully I’ll be present the next year at this great event!!

Recordings webinar How to Supercharge your Infrastructure with Azure IaaS

Last month there was a webinar hosted by Altaro Software about ‘How to Supercharge your Infrastructure with Azure IaaS’. In this great webinar, Thomas Maurer (Senior Advocate on the Azure Engineering Team) and Andy Syrewicze shows you how to get the most out of Azure IaaS.

Very powerfull webinar, with a lot of fun and live demos! They also tackled several important use cases suggested by the IT community!

Special thanks to Altaro Software. Also thanks to Thomas and Andy for this great webinar!

Restricting RDP access to Azure virtual machines

By default, every VM you’v e created within Azure has RDP (Remote Desktop Protocol) on port 3389 enabled. You can access you VM from anywhere in the world.

You can restrict RDP access on just that IP addresses you want, so you can limit the access. So for example, you can limit your company IP address and maybe you home address to access the specific VM in Azure.

To restrict access, I’ve created a NSG (Network Seciruty Group) with the following configuration:

1.) Create a new Inbound security rule with a priority of 4095 (every digit below the default of 65000 is fine!!)
2.) Configure the following rule:

Priority: 4096
Name: Deny-RDP-Access
Source: Service Tag
Source service tag: Internet
Source port ranges: *
Destination: VirtualNetwork
Destination port ranges: 3389
Protocol: TCP
Action: Deny

3.) Configure a second rule:

Priority: 4095
Name: Allow-RDP-Access
Source: IP Addressess
Source IP Addressess/CIDR ranges: YOUR IP ADDRESSESS
Source port ranges: *
Destination: Any
Destination port ranges: 3389
Protocol: TCP
Action: Allow

image

Now you can test your new configuration. RDP access is only allowed from your custom IP addressess!!

Altaro Dojo forums

Altaro has kicked off the Altaro Dojo forums. The forum brings fellow IT pros together, connect the community and enable members to learn and share their knowledge with one another.

Some info on how people can use the forum can be found here.

Please register on the forum and share your knowledge with other IP pros! Let’s make some community!

I want to become a ‘Ninja’. Let’s go!!!