July 7, 2025
In this post, I will show how to use Azure Virtual Network Manager (AVNM) to enforce peering and routing policies in a zero-trust hub-and-spoke Azure network. […]
- Filter by
- Categories
- Tags
- Authors
- Show all
- All
- Azure App Service
- Azure Architecture
- Azure Blog
- Azure Retirements
- Azure Updates
- Command Line
- Community
- Microsoft News
- Microsoft Security
- Tech Community
- All
- .NET
- Access Azure Cloud Shell from local device
- access control list
- acls
- Active Directory
- Active Directory Management
- Active Directory Sync
- AD DS
- AD DS Migration
- AD Health Check
- add-ons
- Adversary-in-the-middle (AiTM)
- Agentic AI
- agic
- AI
- AI + Machine Learning
- AI Chat Behavior
- ai foundry
- AI learning
- ai search
- ai services
- AI Skills fest
- AI Skillsfest
- AKS
- alerts
- amba
- AML
- analytics
- Android
- Annual Channel
- API Management
- API manager
- api-development
- APIs
- App Configuration
- App Control
- app service
- app-modernization
- Application Gateway
- application gateway for containers
- Application Insights
- application security groups
- Arc Jumpstart
- Archive Storage
- Are agents free in Microsoft 365 Copilot chat
- are copilot pages free
- Are Microsoft Applied Skills Credentials free
- Article
- Artificial Intelligence
- ASP.NET Core
- aspire
- Audio Notes
- auth0
- authentication
- Authoring Best Practices
- authorization
- automation
- availability sets vs zones
- Availability Zones
- AVD
- AVD 2025
- AVD admin tips
- AVD best practices
- AVD changes 2025
- AVD clipboard redirection
- AVD configuration
- AVD demo
- AVD drive redirection
- AVD host pool settings
- AVD management
- AVD multiple desktop assignment
- AVD new features
- AVD personal host pool
- AVD printer redirection
- AVD redirection
- AVD security update
- AVD Setup
- AVD tutorial
- AVD USB redirection
- AVD user assignment
- AVM
- avnm
- aws
- AZ-104
- AZ-900
- Azure
- Azure Active Directory
- Azure Activity Logs
- Azure AD
- Azure AD Connect
- Azure AD Sync
- Azure Adaptive Cloud
- Azure Administration
- azure advisor
- Azure AI
- Azure AI Foundry
- Azure AI Search
- azure ai serach
- Azure ai-services
- azure application delivery
- Azure Application Gateway
- azure application gateway for containers
- azure availability sets
- azure availability zones
- Azure Backup
- azure basic vpn
- Azure Bastion
- Azure Bastion demo
- Azure Bastion Developer Tier
- Azure Bastion free tier
- Azure Bastion Linux
- Azure Bastion Setup
- Azure Bastion Tutorial
- Azure Bastion walkthrough
- Azure Bastion Windows
- Azure Best Practices
- Azure Bicep
- Azure Blob Storage
- Azure Blob vs File vs Disk
- Azure Certificate demo
- Azure Certification
- Azure Chaos Studio
- Azure CLI
- Azure CLI SSH
- Azure Cloud
- Azure Cloud Architect
- Azure cloud desktop
- Azure Cloud Identity
- Azure Cloud Security
- Azure Cloud Shell from laptop
- Azure Cloud Storage
- Azure Cloud Tutorial
- Azure Compute Fleet
- Azure confidential ledger
- Azure Container Apps
- Azure Container Instances
- Azure Container Registry
- azure copilot
- Azure Cosmos DB
- Azure Cost Management
- Azure Data Box
- Azure Data Explorer
- Azure Data Factory
- Azure Data Lake Storage
- Azure Data Storage
- Azure Database for MySQL
- Azure Database for PostgreSQL
- Azure Database Migration service
- Azure Databricks
- Azure default outbound access
- Azure Developers
- Azure DevOps
- Azure DevTest Labs
- Azure Disk Storage
- Azure DNS
- Azure Domain Services
- Azure Edition
- Azure Entra Migration
- azure essentials
- Azure Essentials Show
- Azure Event Hub
- Azure explicit internet access
- Azure ExpressRoute
- azure fault domains
- Azure File Share
- Azure File Storage
- Azure Files
- Azure Firewall
- Azure Firewall Manager
- azure firewall policy
- azure fleet
- azure for beginners
- Azure Front Door
- Azure Functions
- Azure HDInsight on Azure Kubernetes Service (AKS)
- azure high availability
- azure home lab
- azure hybrid
- Azure Hybrid Benefit
- Azure Hybrid Identity
- Azure Identity Management
- Azure Identity Services
- Azure Image Builder
- Azure Infrastructure
- Azure Key Vault
- Azure Key Vault and Lets Encrypt certs demo
- Azure Key Vault demo
- Azure Kubernetes Fleet Manager
- Azure Kubernetes Service
- Azure Kubernetes Service (AKS)
- Azure Lab
- Azure Load Testing
- Azure Local
- Azure Log Analytics
- Azure Logic Apps
- Azure Machine Learning
- Azure Maps
- Azure Migrate
- Azure Modular Datacenter
- Azure Monitor
- azure monitor alerts
- azure monitor baseline alerts
- Azure Monitor Workbooks
- Azure Monitoring
- Azure NAT Gateway
- Azure Native Client
- Azure NetApp Files
- azure network monitoring
- Azure Network Security
- Azure Networking
- azure networking tutorial
- Azure Open AI
- azure openai
- azure openai service
- Azure outbound access
- Azure Platform
- azure point to site vpn
- Azure Policy
- Azure Portal
- Azure Portal Tutorial
- Azure PowerShell
- azure powershell vpn
- Azure Private Link
- Azure Private Subnet
- azure rbac
- Azure RDP settings
- Azure RDP without public IP
- Azure Red Hat OpenShift
- azure regions
- azure routing
- Azure Security
- Azure Security Best Practices
- Azure Sentinel
- Azure September 2025 changes
- Azure Service Bus
- Azure Setup
- Azure Site Recovery
- azure site to site vpn
- Azure Skill Sprint
- azure sla
- Azure SNAT
- Azure Spot Virtual Machines
- Azure Spring Apps
- Azure SQL
- Azure SQL Database
- Azure SQL DB
- Azure SQL Edge
- Azure SQL Managed Instance
- Azure SSH without public IP
- Azure Stack HCI
- Azure Stack Hub
- Azure Storage
- Azure Storage Actions
- Azure Storage Best Practices
- Azure Storage Explained
- Azure Storage for Beginners
- Azure Storage Options
- Azure Storage Overview
- Azure Storage Performance
- Azure Storage Pricing
- Azure Storage Tutorial
- Azure Storage Types
- Azure subnet configuration
- Azure subnet demo
- Azure Subscription
- Azure Synapse Analytics
- azure traffic analytics
- Azure Traffic Manager custom domain has not been configured in Azure
- azure training
- azure update domains
- Azure VDI
- Azure Virtual Desktop
- Azure Virtual Machines
- Azure Virtual Network
- azure virtual network manager
- Azure VM
- Azure VM connection
- azure vm deployment
- Azure VM Internet Access
- Azure VM RDP
- azure vm redundancy
- Azure VM Security
- Azure VM Setup
- Azure VNet Bastion
- Azure VNet default access
- Azure VPN
- azure vpn connection
- azure vpn demo
- Azure VPN Gateway
- azure vpn setup
- azure vpn tutorial
- Azure Well-Architected Framework
- azure-ad-b2c
- azure-arc
- azure-b2c
- azureai
- AzureAIFoundry
- AzureAISearch
- azurebicep
- azuredevops
- azureopenai
- azureverifiedmodules
- bash-script
- basic vpn gateway
- Bastion Host
- beginners
- best practices
- Bicep
- biceplang
- Bing Search
- Blizzard
- blog
- Book Review
- boolean-logic
- build
- Business
- Business Intelligence
- C#
- Canceled
- Chat GPT
- Chatmode
- client-credentials-flow
- Cloud
- Cloud Architect
- Cloud Directory Sync
- Cloud Foundation
- Cloud Mechanix
- Cloud Migration
- Cloud Network Security
- Cloud PC
- Cloud PC licensing
- Cloud Recovery
- Cloud Rewind
- cloud security
- Cloud Services
- Cloud Storage
- cloud terminology
- cloud vpn
- cloud-computing
- CloudFamily
- Cmd
- cmk
- code
- codegeneration
- coding
- Command Line
- command-line-interface
- community
- Community Contributions
- Community IT event
- Commvault
- Compliance
- compute
- Conditional Access
- connect azure to home network
- Connect to Azure VM
- container networking
- containers
- Contributor
- copilot
- Copilot pages explained
- Copilot pages simplified
- copilot pages step by step demo
- cosmosdb
- Cost Management
- cost-optimization
- credential theft
- cryptocurrency mining
- cryptojacking
- csharp
- custom error
- custom script extension
- custom-policies
- Cyberespionage
- Cybersecurity
- Cybersecurity trends
- D365
- D365 CE
- D365 F&O
- D365 Sales & CRM
- dashboards
- data
- Databases
- databricks devops
- Dayforce
- Deleted
- dependabot
- Deploy Azure Bastion
- deployment
- deployment stacks
- dev-containers
- Developer
- Developer Life
- Developer Tools
- Development
- devops
- Diagnostic Settings
- diagnostics
- difference between Microsoft 365 Copilot Chat and Microsoft 365 Copilot
- disable default outbound
- distributed-systems
- DNS Configuration
- document-intelligence
- Documentation
- Documentation Standards.
- Does Microsoft 365 Copilot use company data to train LLM
- Domain Controller
- Domain Controller Demotion
- dotnet
- ECMA2
- EF Core
- Encryption
- Endpoint management
- Enterprise File Sharing
- Enterprise IT
- enterprise-architecture
- entra
- Entra Connect
- Entra Connect High Availability
- Entra Connect Migration
- Entra Connect Staging Mode
- Entra Connect Step by Step
- Entra ID
- Entra Internet Access
- Entra Suite
- entra-external-id
- epac
- error
- error-message
- Event
- event hub
- event-driven-architecture
- Events
- Exchange Online
- Exec posts
- explore microsoft purview portal
- Expressions
- ExpressRoute
- Extended Network for Azure
- external-id
- fail()
- Features
- federation
- Fedora
- fiddler
- File Sharing Security
- FIM
- finops
- Firewall
- firewall rules
- foundry
- Free AI learning
- free ai-3016 course
- free ai-900 course
- Free Assessments Microsoft
- Free AZ-104 course
- free az-2008 course
- free az-204 course
- free az-305 course
- free AZ-500 course
- free az-700 course
- Free Azure Bastion
- free dp-100 course
- free DP-3011 course
- free dp-605 course
- free md-4011 course
- Free Microsoft Asessmements
- Free Microsoft Certifications
- free microsoft course videos
- Free Microsoft Courses
- free ms-4023 course
- free pl-900 course
- Free sc-100 course
- Free SC-300 course
- free sc-900 course
- Frontline Cloud PC
- FSLogix profiles
- FSMO Roles
- gateway api
- genai
- General
- General Development
- Generative AI
- getting started with Microsoft Purview
- GitHub
- GitHub Actions
- github copilot
- GitHub Troubleshooting
- GitHub Workflows
- githubcopilot
- Global Secure Access
- Google Cloud Platform
- governance
- gpt4o
- Grafana
- grafana dashboards
- granfeldt
- Graph
- graph-explorer
- grok
- gwctl
- HashiCorp
- HashiCorp Ambassador
- Have I Been Pwned
- header
- Helm
- high availability azure
- homelab
- host
- How to access Azure Cloud Shell locally
- how to setup vpn in azure
- How to take free Microsoft Certifications
- How-to
- http route
- hub
- Hub & Spoke
- hub-and-spoke
- Hugo
- Hybrid
- Hybrid + Multicloud
- Hybrid Cloud
- Hybrid Cloud Authentication
- Hybrid Identity
- hybrid network azure
- Hyper-V
- IaC
- identity
- Identity and access management
- Identity-Based Security
- In development
- In preview
- influencers
- Information Technology
- infrastructure
- Infrastructure As Code
- infrastructureascode
- ingress controller
- Integration
- Internet of Things
- Intune
- Intune Cloud PC
- Intune tips
- Investor Relations
- ipam
- ipsec vpn azure
- Is Microsoft 265 Copilot free
- IT administration
- IT conference 2025
- IT networking event
- IT Pro
- IT Professionals
- IT Tutorials
- java
- jfk-assassination
- John Towles interview
- jwt-token
- K8s
- KDC Proxy
- KEMP
- Kerberos Authentication
- kinde
- kmsi
- KQL
- kubernetes
- kubernetes fleet
- kubernetes gateway
- kubernetes gateway api
- kubernetes networking
- Kusto
- kusto query language
- Lab
- Landing Zones
- Language Understanding (LUIS)
- Launched
- Learn Azure
- learning
- LINUX
- Linux Virtual Machines
- Living off the land
- LLM
- Load Balancer
- load balancing
- Loadmaster
- Log Alerts
- Log Analytics
- Logic Apps
- Long-Term Servicing Channel
- Machine Learning
- macOS
- Managed Prometheus
- Management
- Management and Governance
- Management Groups
- Markdown Formatting
- masking
- maui
- MCP
- mcp-server
- mentorship
- metrics
- mfa
- micro-segmentation
- microsegmentation
- Microsoft
- Microsoft 365
- Microsoft 365 Copilot
- Microsoft 365 Copilot Chat and Microsoft 365 Copilot Explained
- Microsoft 365 Copilot Chat explained
- Microsoft 365 Security
- Microsoft AI Skills Fest
- Microsoft Applied Skills
- Microsoft Azure
- Microsoft Azure Tutorial
- Microsoft Build
- Microsoft Cloud
- Microsoft Cloud PC
- Microsoft Cloud Security
- Microsoft Copilot for Azure
- Microsoft Copilot for Security
- Microsoft Cost Management
- Microsoft Defender
- Microsoft Defender for Cloud
- Microsoft Dev Box
- Microsoft Earnings Results
- Microsoft Entra
- Microsoft Entra Domain Services
- Microsoft Entra ID
- Microsoft Entra ID (formerly Azure AD)
- Microsoft Fabric
- Microsoft Graph
- Microsoft Ignite
- Microsoft Intune
- Microsoft Learn
- Microsoft licensing
- microsoft mvp
- Microsoft Purview
- Microsoft purview explained
- Microsoft Purview for beginners
- Microsoft Purview portal
- Microsoft Purview roles and scopes
- Microsoft purview step by step guide
- Microsoft Security
- Microsoft Sentinel
- Microsoft Training
- Microsoft Visual Studio
- Microsoft Writing Style Guide
- microsoft-support
- Migrate Entra Connect
- Migration
- MIM
- Mint Sandstorm (PHOSPHORUS)
- Misc
- MITRE ATT&CK
- ML
- Mobile
- Modern Workplace
- modules
- Most Valuable Professional
- msal
- multi session AVD
- multi-cluster load balancing
- multi-cluster networking
- mvp
- native-authentication
- network
- Network Address Translation
- network rules
- Network security
- network security group
- network security rules
- Network Traffic Filtering
- Network Watcher
- network-tracking
- networking
- Networking Basics
- new
- News
- NodeJS
- NoSQL
- NSG
- nuget
- nxdomain
- nxdomainredirect
- observability
- oidc
- On-Premises AD
- OneDrive KFR
- open source
- open-api
- openai
- opensource
- Operating System
- Operational Excellence
- overlay cni
- PaaS networking
- Packer
- patterns
- Performance Efficiency
- personal desktop Azure
- Phishing
- PIM
- PIM Reauthentication
- Platform Engineering
- Pluralsight
- Point-to-Site VPN
- policy as code
- politics
- Portal
- postgresql
- postman-testing
- Power BI Embedded
- PowerAutomate
- powershell
- PowerShell Active Directory
- precondition
- presentations
- Press Releases
- Pricing & Offerings
- Private Endpoint
- private link
- private networking
- privatelink
- privatelinkrealitybites
- Productivity
- profile-edit
- programming
- Progress
- Promote DC
- prompt
- prompt admin to reauthenticate when elevating role in PIM
- Prompt Engineering
- Prompt Flow
- Prototyping
- provisioning
- proxmox
- public cloud networking
- Public Speaking
- pullrequest
- python
- Quick Post
- ransomware
- Raspberry Pi
- RBAC
- RDP over TLS
- Reauthenticate conditional access policy
- reauthenticate PIM users in Azure
- Recent News
- recording
- Regions & Datacenters
- Reliability
- Remote code execution
- Remote Desktop Azure
- Remove Domain Controller
- Resiliency
- Resource Health
- responsible-ai
- ResponsibleAI
- REST API
- Retirements
- reverse proxy
- Roles in Microsoft Purview explained
- route table
- routing
- s2s vpn
- SaaS
- SAML
- Sandstorm
- SDK and Tools
- SDKs
- Secure Azure VM Access
- Secure File Sharing
- Secure Future Initiative
- Secure Internet Access
- Secure SMB Access
- Secure Web Gateway
- security
- security admin rules
- Security Baseline
- Securtiy
- Semantic Kernel
- Sentinel
- Server Manager
- serverless
- Service Endpoint
- service endpoint policy
- Service Health
- Service Management
- Services
- SIEM
- signature
- site to site azure vpn
- site to site vpn
- site to site vpn tutorial
- Sleet
- SMB Configuration
- SMB over QUIC
- SMS
- snyk
- SOAR
- software-architecture
- Software-Defined Networking
- software-design
- software-developer
- software-development
- software-engineering
- speaking
- Speech
- Speech to Text
- sql
- SQL Interview
- SQL Server
- SQL Server on Azure Virtual Machines
- SSH Azure VM
- Star Blizzard (SEABORGIUM)
- static code analysis
- Static IP Azure
- Step by Step Azure Key Vault and certificate demo
- storage
- Storage Accounts
- Storage Replicas
- Storm
- string split
- Survey
- swagger
- system administrator
- Tech conference Dallas
- Tech Guide
- Tech Tutorial
- Technical
- Technical Writing
- Technology
- technology-ecosystem
- terminology
- Terraform
- test-automation
- testing
- Text Analytics
- Thomas Maurer
- thought-leadership
- TLS 1.3 Encryption
- Token theft
- totp
- trace
- traffic analytics
- traffic filtering
- Traffic Manager
- Traffic Manager 404 Website not found
- traffic visibility
- troubleshooting
- tutorial
- ubiquiti cloud gateway
- ubiquiti vpn
- Uncategorized
- updated
- user-defined route
- User-Defined Routing
- validation
- vibe-coding
- Video
- Virtual desktop infrastructure
- virtual machine
- Virtual Machine Scale Sets
- Virtual Machines
- virtual network
- virtual network flow logs
- Virtual Network Gateway
- Virtual Network Peering
- virtual network service endpoint
- Virtual WAN
- Virtualization
- Visual Studio Code
- VNet
- VNet Flow Logging
- vnet flow logs
- vnet service endpoint
- vpn
- VPN Alternative
- vpn azure to on prem
- VPN Gateway
- vpn site-to-site
- vscode
- Web
- web app
- web application firewall
- Web Content Filtering
- Web Filtering Policy
- web server
- webapp
- Well-Architected
- Well-Architected Framework
- WellArchitectedFramework
- What are adaptive scopes in Microsoft Purview
- what are Copilot pages?
- What are Microsoft Applied Skills Credentials
- what is Microsoft 365 Copilot chat
- what is Microsoft Purview
- Why Earn a Microsoft Applied Skills Credential?
- Windows
- Windows 11
- Windows 365
- Windows 365 Business
- Windows 365 Enterprise
- Windows 365 explained
- Windows 365 Frontline
- Windows 365 licensing
- Windows 365 management
- Windows 365 tutorial
- Windows 365 vs AVD
- Windows AD
- Windows Admin Center
- Windows Console
- Windows Server
- Windows Server 2022
- Windows Server 2025
- Windows Server Administration
- Windows Server Azure Edition
- Windows Server Comparison
- Windows Server Datacenter
- Windows Server Deployment
- Windows Server Features
- Windows Server Hotpatching
- Windows Server Licensing
- Windows Server Service Channels
- Windows Server Standard
- Windows Server Summit
- Windows Server Tutorial
- Windows Subsystem for Linux (WSL)
- Windows Terminal
- Windows Terminal Azure Cloud Shell
- Windows Virtual Desktop
- Windows Virtual Machines
- Workbooks
- Workplace Ninjas
- Workplace Ninjas US
- workspace-ip-access
- WSL
- xai
- xamarin
- XDR
- yaml
- Zero Trust
- Zero Trust Architecture
- Zero Trust Azure
- Zero Trust Networking Architecture
- zone redundant storage
- All
- Adrian Hills
- Aidan Finn
- Alan Kinane
- Az Advertizer
- Azure Community Enthusiasts
- azurefeeds
- Carlos Mendible
- Charbel Nemnom
- Cloud Native Weekly
- Dan Rios
- Daniel Bradley
- Daniel McLoughlin
- Daniel Scott-Raynsford
- Darren Robinson
- David O'Brien
- Dieter Gobeyn
- Freek Berson
- Greg Low
- Gregor Suttie
- Imran Rashid
- Jake Walsh
- Jaliya Udagedara
- James Cook
- Jamie Maguire
- Jesse (JSON) Loudon
- Joe Carlyle
- John Kilmister
- John Lokerse
- John Savill
- Jose Moreno
- Leo Visser
- Luke Murray
- Maik van der Gaag
- Mark Tinderholt
- Matt Felton
- Nicholas Chang
- Nicola Delfino
- Olivier Miossec
- Peter De Tender
- Pixel Roberts
- Rod Trent
- Rory Braybrook
- Roy Kim
- Sam Cogan
- Sarah Lean
- Simon Waight
- Stanislav Zhelyazkov
- Sucheta Gawade
- Tao Yang
- Thomas Maurer
- Thomas Thornton
- Tobias Zimmergren
- Travis Roberts
- Vukašin Terzić
- Will Velida
May 28, 2025
Introduction In this blog I’ll detail how you can create custom resource set definitions (Azure Policy initiatives) from the Azure Monitor Baseline Alerts (AMBA) resources via […]
March 20, 2025
Introduction A quick blog to demonstrate a solution for enforcing that Log Analytic Workspaces in your environment are created with a daily quota property value set. […]
March 8, 2025
Once a SQL Managed Instance (SQL MI) is created, you can connect to the managed instance using SQL Server Management Studio (SSMS). There are 2 ways […]
March 8, 2025
I am currently working on implementing some monitoring solutions in a customer’s Azure environment. I only realised yesterday that Azure does not offer any built-in Azure […]
February 10, 2025
Transport Layer Security (TLS) version 1.3 has been supported by Azure Storage Accounts since January 2024. The ARM API for storage account now accepts TLS1_3 as […]