October 4, 2025
As organizations face increasingly sophisticated security threats, implementing strong modern endpoint security and adopting a Zero Trust model have become essential. In this blog, I explore […]
- Filter by
- Categories
- Tags
- Authors
- Show all
- All
- Azure App Service
- Azure Architecture
- Azure Updates
- Command Line
- Community
- Microsoft Security
- Tech Community
- All
- .AI agent orchestration
- .NET
- .NET Core
- ABAC
- actions/checkout
- Active Directory
- adaptive cloud
- add-ons
- Adversary-in-the-middle (AiTM)
- agc
- Agentic AI
- AI
- AI + Machine Learning
- ai agent
- AI agents
- AI Chat Behavior
- ai foundry
- ai gateway
- ai search
- ai services
- AI-900
- AI-assisted coding
- AI-Powered Code Review
- AI-Powered Development
- AI-powered DevOps
- Akahu
- AKS
- alerts
- AMA
- amba
- analytics
- Android
- api
- API Management
- API security
- apim
- APIs
- App
- App Attach MSIX
- App Attach setup
- app development
- app service
- Application Gateway
- application gateway for containers
- Application Insights
- Archive Storage
- are copilot pages free
- Are Microsoft Applied Skills Credentials free
- arm
- Article
- Artificial Intelligence
- ASP.NET Core
- aspire
- Assesement
- auth0
- authentication
- Authoring Best Practices
- authorization
- automate vm setup
- Automated Plan Validation
- automation
- availability sets vs zones
- AVD
- AVD 2025
- AVD admin tips
- AVD beginner guide
- AVD configuration
- AVD demo
- AVD management
- AVD multiple desktop assignment
- AVD new features
- AVD Optimization
- AVD personal host pool
- AVD Setup
- avd step by step
- avd troubleshooting
- AVD tutorial
- AVD user assignment
- avnm
- aws
- AWS Cloud
- AZ-104
- AZ-900
- Azure
- Azure 101
- Azure Adaptive Cloud
- azure advisor
- Azure AI
- azure ai content security
- Azure AI Custom Vision
- Azure AI Foundry
- Azure AI Fundamentals
- Azure AI Language
- Azure AI Search
- Azure ai-services
- Azure API Management
- Azure APIM
- Azure APIM policy configuration
- Azure Arch Overview
- Azure Automation
- azure availability sets
- azure availability zones
- Azure Backup
- azure basic vpn
- Azure Bastion
- Azure Bicep
- Azure Blob Storage
- Azure Blob Storage scripts
- Azure Cache for Redis
- Azure Certification
- Azure CLI
- Azure Cloud
- Azure cloud automation
- Azure cloud desktop
- Azure confidential ledger
- Azure Container Apps
- Azure Container Registry
- Azure Container Storage
- Azure Cosmos DB
- Azure Cost Management
- azure custom script
- Azure Custom Script Extension
- Azure Data Box
- Azure Data Explorer
- Azure Data Lake Storage
- Azure Database for MySQL
- Azure Database for PostgreSQL
- Azure Database Migration service
- Azure Databricks
- Azure DDos Protection
- Azure Dedicated HSM
- Azure default outbound access
- azure deployment stacks
- Azure Developers
- Azure DevOps
- Azure DevOps automation
- Azure Disk Storage
- Azure DNS
- Azure Essentials Show
- Azure Event Hub
- Azure explicit internet access
- Azure ExpressRoute
- azure fault domains
- Azure Files
- Azure Files Cost
- Azure Files Premium
- Azure Firewall
- Azure Firewall Manager
- azure for beginners
- Azure Front Door
- Azure Functions
- Azure fundamentals
- Azure HDInsight on Azure Kubernetes Service (AKS)
- azure high availability
- azure home lab
- azure host pool
- Azure Hybrid Benefit
- Azure Infrastructure
- Azure infrastructure automation
- Azure Kubernetes Fleet Manager
- Azure Kubernetes Service
- Azure Kubernetes Service (AKS)
- Azure Load Testing
- Azure Local
- Azure Log Analytics
- Azure Logic Apps
- Azure Machine Learning
- Azure Managed Instance for Apache Cassandra
- Azure Managed Lustre
- Azure Managed Redis
- Azure Migrate
- Azure Modular Datacenter
- Azure Monitor
- Azure Monitor Agent
- azure monitor alerts
- azure monitor baseline alerts
- Azure Monitoring
- Azure NAT Gateway
- Azure NetApp Files
- Azure Network
- Azure Network Security
- Azure Networking
- azure networking tutorial
- Azure outbound access
- azure point to site vpn
- Azure Policy
- Azure Portal
- Azure PowerShell
- azure powershell tutorial
- azure powershell vpn
- Azure Private Link
- Azure Private Subnet
- azure rbac
- azure rdp
- azure rdp shortpath
- Azure Red Hat OpenShift
- azure regions
- Azure Resource Manager
- azure route server
- azure scripting
- Azure Security
- Azure Security Best Practices
- Azure Sentinel
- Azure September 2025 changes
- Azure Service Health
- Azure Site Recovery
- azure site to site vpn
- azure sla
- Azure SNAT
- Azure Sphere
- Azure SQL
- Azure SQL Database
- Azure SQL Managed Instance
- Azure Stack Hub
- Azure Storage
- Azure Storage Actions
- Azure Storage Essential Training
- Azure subnet configuration
- Azure subnet demo
- Azure Synapse Analytics
- azure sysadmin
- azure training
- Azure Tutorial
- azure udp
- azure update domains
- Azure VDI
- Azure Virtual Desktop
- Azure Virtual Desktop apps
- azure virtual machine
- Azure Virtual Machines
- Azure Virtual Network
- azure virtual network manager
- Azure Virtual WAN
- Azure VM
- Azure VM automation PowerShell
- azure vm deployment
- Azure VM Image Builder
- Azure VM Internet Access
- Azure VM management
- Azure VM PowerShell script
- azure vm redundancy
- Azure VM Setup
- Azure VMware Solution
- Azure VNet default access
- Azure VPN
- azure vpn connection
- azure vpn demo
- Azure VPN Gateway
- azure vpn setup
- azure vpn tutorial
- azure-ad-b2c
- azure-arc
- azure-b2c
- azureai
- azureverifiedmodules
- bash-script
- basic vpn gateway
- beeceptor
- bginfo
- bgp
- Bicep
- bicep resources
- bicep-local-deploy
- biceplang
- bike-shedding
- Blizzard
- boolean-logic
- Branch checkout
- branding
- build
- Business
- C#
- CCF
- Center of Exellence
- Certification
- Chaos Engineering
- Chatmode
- chocolatey azure
- CI/CD
- CI/CD automation
- CI/CD Pipeline
- Claude Code
- claude-ai
- Cloud
- Cloud & AI Platforms
- Cloud automation
- cloud automation azure
- Cloud Computing Explained
- Cloud development platforms
- Cloud Fundamentals
- Cloud Mechanix
- Cloud Migration
- cloud networking
- Cloud PC
- Cloud PC licensing
- cloud routing
- cloud security
- Cloud Services
- Cloud Skills
- Cloud Storage
- cloud vpn
- cloud-computing
- CloudFamily
- CloudPC
- Code review automation
- codegeneration
- Codeless Connector Framework
- coding
- CoE
- Cognitive Services
- Command Line
- command-line-interface
- community
- Community Contributions
- Commvault
- companies house
- Compliance
- Compliance Automation
- compute
- Computer Vision
- Conditional Access
- confidential computing
- Configuration Management
- connect azure to home network
- container os
- containers
- Content Delivery Network
- Continuous deployment
- Continuous integration
- Contributor
- Convert EXE to MSIX
- Convert MSI to MSIX
- copilot
- Copilot pages explained
- Copilot pages simplified
- copilot pages step by step demo
- Create a sensitive information type purview
- Create MSIX package
- create sit in purview
- credential theft
- Cross-tenant authentication
- CSE
- csharp
- Custom Logs
- Custom logs via AMA
- custom script extension
- custom-auth-extension
- custom-policies
- Cyberespionage
- Cybersecurity
- Daily Tracker
- Data Guardian
- data lake
- data migration
- Databases
- Databricks
- Defender
- Defender for Cloud
- Defender For Endpoint
- deploy apps azure
- Developer
- Developer Life
- Developer productivity
- Developer Tools
- developers
- Development
- devops
- DevOps automation
- digital sovereignty
- Digital Sovereignty Specialization
- disable default outbound
- disable rdp multipath
- dns
- dns query logging
- dns security policy
- docker
- Documentation
- Documentation Standards.
- dotnet
- Easy MSIX tutorial
- EF Core
- EMEA
- Enable Microsoft Purview Insider Risk Analytics
- enable rdp multipath
- Endpoint security
- entra
- Entra ID
- entra-external-id
- epac
- ephemeral
- Ephemeral Disk
- error-message
- Europe
- Event Grid
- event hub
- Event Hubs
- Events
- Exam Prep
- Exchange Online
- exploring
- Expressions
- ExpressRoute
- Extensions
- Features
- federated credentials
- FIM
- FIM2010R2
- fingerprint SIT Purview
- finops
- fleet manager
- flow logs
- foundry
- foundry project
- free ai-3016 course
- free ai-900 course
- Free Assessments Microsoft
- Free AZ-104 course
- free az-2008 course
- free az-204 course
- free az-305 course
- free AZ-500 course
- free az-700 course
- free dp-100 course
- free DP-3011 course
- free dp-605 course
- free md-4011 course
- Free Microsoft Asessmements
- Free Microsoft Certifications
- free microsoft course videos
- Free Microsoft Courses
- free ms-4023 course
- free pl-900 course
- Free sc-100 course
- Free SC-300 course
- free sc-900 course
- Frontline Cloud PC
- FSLogix profiles
- Future of coding
- Gallery
- Gartner Magic Quadrant
- GBB
- gcp
- Gen AI
- gen ai gateway
- genai
- Generative AI
- GitHub
- GitHub Actions
- GitHub Agentic Workflows
- github copilot
- GitHub Enterprise
- GitHub Models
- GitHub repository management
- GitHub Spark
- GitHub Troubleshooting
- GitHub Universe
- GitHub Workflows
- githubcopilot
- GitOps
- Global Black Belt
- Golang
- Google Cloud Platform
- governance
- granfeldt
- grok
- Hardening
- hashiconf
- HashiCorp
- HashiCorp Ambassador
- hashtable
- high availability azure
- homelab
- How to deploy Azure Arc
- how to setup vpn in azure
- How to take free Microsoft Certifications
- How-to
- HTTP
- hub-and-spoke
- Hybrid
- Hybrid + Multicloud
- Hybrid Cloud
- hybrid network azure
- Hyper-V
- IaaS
- IaC
- identity
- Identity and access management
- Ignite
- immutable
- In development
- In preview
- influencers
- Infrastructure as a service
- Infrastructure As Code
- Infrastructure as Code (IaC)
- Integration
- Intelligent automation
- Internet of Things
- Intune
- Intune Cloud PC
- ipsec vpn azure
- IT Infrastructure
- java
- jump box
- jwt
- Key Vault
- kmsi
- kubernetes
- Kusto
- Lab
- Language Understanding (LUIS)
- Launched
- Learn Azure
- learning
- LinkedIn Learning
- linting
- LINUX
- Linux Virtual Machines
- List Keys
- LLM
- llm-agent
- Local
- Local AI Deployment
- local-deploy
- Log Analytics
- Log Analytics Workspace
- Logic Apps
- lokka
- Machine Learning
- Main
- manage multiple Azure VMs
- Management
- management agent
- Management and Governance
- Markdown
- Markdown Formatting
- maui
- MCP
- MCP Servers
- MCP Toolkit
- mcp-server
- Media
- mentorship
- metrics
- mfa
- Microsoft
- Microsoft 365
- Microsoft 365 Local
- Microsoft Agent Framework
- Microsoft Applied Skills
- Microsoft Azure
- Microsoft Azure Tutorial
- Microsoft Build
- Microsoft Certified
- Microsoft Cloud
- Microsoft Cloud PC
- Microsoft Copilot for Azure
- Microsoft Copilot for Security
- Microsoft Cost Management
- Microsoft Defender
- Microsoft Defender for Cloud
- Microsoft Defender XDR
- Microsoft Dev Box
- Microsoft DNS
- Microsoft Entra
- Microsoft Entra Domain Services
- Microsoft Fabric
- Microsoft Graph
- Microsoft Ignite
- Microsoft Ignite 2025
- Microsoft Intune
- Microsoft Learn
- Microsoft licensing
- Microsoft Partner
- Microsoft Playwright Testing
- Microsoft Purview
- Microsoft Purview enable device onboarding step by step
- Microsoft purview enable logs step by step
- Microsoft Purview Information Protection
- Microsoft Purview Insider Risk
- Microsoft Purview learning path
- Microsoft Purview Sensitive Info Type
- Microsoft Purview Sensitive Information Types explained
- Microsoft Purview SIT
- Microsoft Security
- Microsoft Sentinel
- Microsoft Sentinel Data Lake
- Microsoft Sovereign Cloud
- Microsoft Sovereign Private Cloud
- Microsoft Sovereign Public Cloud
- Microsoft SQL Server
- Microsoft Teams
- Microsoft Visual Studio
- Microsoft Writing Style Guide
- Migration
- MIM
- Minecraft
- Mint Sandstorm (PHOSPHORUS)
- MirtualMachine
- ML
- Mobile
- Model Context Protocol
- modernization
- MongoDB
- Monitoring
- Most Valuable Professional
- msal
- MSIX
- MSIX certificate setup
- MSIX demo
- MSIX packaging explained
- MSIX Packaging Tool
- MSIX step by step
- MSIX tutorial for beginners
- multi session AVD
- Multi-tenant architecture
- mvp
- National Partner Cloud
- network
- Network security
- network security perimeter
- network security perimeters
- network virtual appliance
- Network Watcher
- networking
- Networking Basics
- new
- News
- NSP
- nsps
- OneDrive KFR
- Open Banking
- open source
- openai
- OpenAPI
- Operating System
- otp-sms
- otp-verification
- owasp
- PaaS
- Package apps for AVD
- Parameter
- parameters
- Partner Program
- Passwordless authentication
- passwords
- pattern
- Performance
- personal desktop Azure
- Personal Growth
- Pester
- Phishing
- PIM
- PIM Reauthentication
- platform as a service
- Platform Engineering
- Pluralsight
- Podcast
- Point-to-Site VPN
- policy as code
- Portal
- PowerAutomate
- powershell
- powershell azure
- PowerShell Azure tutorial
- PowerShell basics
- PowerShell for Beginners
- PowerShell Tutorial
- PowerShell Variable
- powertoys
- precondition
- Preview
- Pricing & Offerings
- Pricing Calculator
- Private Endpoint
- private endpoints
- Process Improvement
- product-strategy
- Productivity
- Professional Growth
- programming
- prompt
- prompt admin to reauthenticate when elevating role in PIM
- prompt injection
- Prototyping
- provisioning
- proxmox
- python
- rag
- ransomware
- Raspberry Pi
- RBAC
- rdp multipath
- rdp shortpath
- rdp udp multipath
- Reauthenticate conditional access policy
- reauthenticate PIM users in Azure
- redis
- Regions & Datacenters
- remediation
- Resource Health
- responsible-ai
- Retirements
- retrieval augmented generation
- routeserver
- routing
- run scripts on Azure VMs
- Runbook
- SaaS
- Sandstorm
- SC-200
- Schema
- Scripting
- sd-wan
- SDK and Tools
- SDKs
- sdn
- Secrets management
- Secure code checkout
- security
- Semantic Kernel
- Sentinel
- serverless
- service endpoints
- Service Health
- Services
- SIEM
- sign-in
- sign-up
- Simple MSIX guide
- site to site azure vpn
- site to site vpn
- site to site vpn tutorial
- Sleet
- smoke testing
- SOAR
- Software as a Service
- Software development workflow
- software-architecture
- software-design
- software-development
- software-engineering
- Sovereign Cloud
- Sovereign Landing Zones
- spectral
- splatting
- SQL Instance
- SQL Server
- SSO
- Star Blizzard (SEABORGIUM)
- static code analysis
- static web apps
- step by step
- Step by step Sensitive Info Type creation
- storage
- Storage Account
- Storage Accounts
- Storm
- string split
- Stripe
- Switzerland
- tech
- Tech Learning
- Technical Writing
- Technology
- technology-ecosystem
- Terminal
- Terraform
- Terraform Cloud
- Terraform Modules
- terraform-stacks
- test-automation
- themes
- Thomas Maurer
- Token theft
- Tooling
- Tools
- Traffic Manager
- tutorial
- ubiquiti cloud gateway
- ubiquiti vpn
- Uncategorized
- unit-testing
- update Azure VMs with PowerShell
- updated
- User-Defined Routing
- username
- validation
- vibe-coding
- Video
- Virtual desktop infrastructure
- virtual hub
- virtual machine
- Virtual Machine Scale Sets
- Virtual Machines
- virtual network
- virtual network flow logs
- virtual network gateways
- Virtual Network Peering
- Virtual WAN
- virtual wan routing
- Virtualization
- Visual Studio
- Visual Studio Code
- vm extensions azure
- VNet
- vpn
- vpn azure to on prem
- VPN Gateway
- vscode
- vwan
- W365
- WAF
- Web
- web application firewall
- web server
- Well-Architected
- Well-Architected Framework
- what are Copilot pages?
- What are Microsoft Applied Skills Credentials
- What are SITS in Microsoft Purview
- what is a fingerprint based SIT in Purview
- What is Cloud Computing
- What is MSIX
- Why Earn a Microsoft Applied Skills Credential?
- Windows
- Windows 10
- Windows 11
- Windows 365
- Windows 365 Business
- Windows 365 Enterprise
- Windows 365 explained
- Windows 365 Frontline
- Windows 365 licensing
- Windows 365 management
- Windows 365 tutorial
- Windows 365 vs AVD
- Windows app packaging
- windows powershell
- Windows Recovery Environment
- Windows Server
- windows server azure
- Windows Store
- Windows Terminal
- Windows Virtual Desktop
- Windows Virtual Machines
- Windows365
- windowsappsdk
- winget
- WinRE
- winui
- Workflow Automation
- Workflow Automation GitHub Actions GitHub Models Developer Productivity Tools
- Workflow orchestration
- Workflow YAML configuration
- Workload Identity Federation
- WSL
- xai
- xamarin
- XDR
- Zero Trust
- Zero Trust Architecture
- Zero Trust Networking Architecture
- zone redundant storage
- All
- Adrian Hills
- Aidan Finn
- Alan Kinane
- Az Advertizer
- Azure Community Enthusiasts
- azurefeeds
- Carlos Mendible
- Charbel Nemnom
- Dan Rios
- Daniel Bradley
- Daniel McLoughlin
- Daniel Scott-Raynsford
- Darren Robinson
- Dieter Gobeyn
- Freek Berson
- Gijs Reijn
- Gregor Suttie
- Imran Rashid
- Jake Walsh
- Jaliya Udagedara
- Jamie Maguire
- Joe Carlyle
- John Kilmister
- John Lokerse
- John Savill
- Jose Moreno
- Josh King
- Leo Visser
- Luke Murray
- Maik van der Gaag
- Mark Tinderholt
- Matt Felton
- Nicholas Chang
- Nicola Delfino
- Olivier Miossec
- Peter De Tender
- Pixel Roberts
- Rory Braybrook
- Sam Cogan
- Sarah Lean
- Simon Waight
- Stanislav Zhelyazkov
- Sucheta Gawade
- Tao Yang
- Thomas Maurer
- Thomas Thornton
- Tobias Zimmergren
- Travis Roberts
- Will Velida
July 7, 2025
Published by Aidan Finn on July 7, 2025
Categories
In this post, I will show how to use Azure Virtual Network Manager (AVNM) to enforce peering and routing policies in a zero-trust hub-and-spoke Azure network. […]