Azure Roadmap

Azure DDoS Protection is one of those services that sounds simple on paper but becomes confusing once you try to implement it properly with Infrastructure as Code. Microsoft Learn walks you through the concepts in the portal, but if you’re serious about Terraform, you quickly discover that not everything shown in the UI is exposed… Continue reading Azure DDoS Protection with Terraform: What Actually Works (and What Doesn’t)

I recently put together a small but realistic lab to deploy an Azure Application Gateway using Terraform. The goal wasn’t to build anything clever or cutting-edge, but to create something simple, repeatable, and close to how this would be done in a real Azure environment. The setup uses an Application Gateway with a public frontend… Continue reading Building an Azure Application Gateway with Terraform (A Simple, Practical Lab)

At this stage in the ExpressRoute journey, a lot of groundwork has already been done. Azure is ready to accept a private connection, and Microsoft has reserved capacity at the edge of its network. You’ve created a virtual network with an ExpressRoute gateway, and you’ve provisioned an ExpressRoute circuit with a chosen provider, bandwidth, and… Continue reading Designing Azure ExpressRoute from Scratch: Part 5: Configuring ExpressRoute Peering

Up to this point in the ExpressRoute journey, everything we’ve built has lived entirely inside Azure. That prepared Azure to accept a private connection, but there still isn’t one. This next step is where the private connection itself comes into existence. That’s exactly what an ExpressRoute circuit is. What an ExpressRoute Circuit Really Is An… Continue reading Designing Azure ExpressRoute from Scratch: Part 4: Creating the ExpressRoute Circuit

In the previous part of this series, we decided why an organisation needs ExpressRoute and what kind of ExpressRoute makes sense. At this point, nothing has been deployed yet, we’ve only made design decisions. This next step is where we start preparing Azure itself. Before Azure can connect to anything on-premises, it needs a dedicated… Continue reading Designing Azure ExpressRoute from Scratch: Part 3: Preparing Azure to Accept an ExpressRoute Connection

Now that we understand why an organisation would consider ExpressRoute in the first place (private, reliable connectivity into Azure), the next step is where most people accidentally start too late: picking a SKU, clicking through the portal, or trying to “just build the lab.” But the real design work happens before any deployment At this… Continue reading Designing Azure ExpressRoute from Scratch: Part 2: Choosing What You Actually Need

Why Would an Organisation Need ExpressRoute? When organisations first move workloads to Azure, connectivity is usually not a complex discussion. Applications are accessed over the public internet, often protected by encryption and, in some cases, a VPN. For many businesses, this approach works perfectly well in the early stages of cloud adoption. However, as reliance… Continue reading Designing Azure ExpressRoute from Scratch: Part 1: Why Choose ExpressRoute?

When people talk about “VPNs in Azure”, they’re often talking about very different things. Azure supports several connectivity models, each designed to solve a specific problem. Choosing the wrong one doesn’t usually fail immediately, but it often leads to unnecessary cost, complexity, or poor performance later on. Understanding why each option exists is far more… Continue reading Azure VPN Connectivity Explained: Which One Should You Use, and Why?

When people first look at AZ-700, it’s easy to think it’s a “light” networking exam. The content itself isn’t huge, but the exam isn’t testing how many CIDR ranges you can memorise, it’s testing whether you can design Azure networks properly. Subnet design is a perfect example of this. In real environments, most networking issues… Continue reading Subnet Design Requirements for Azure Landing Zones (AZ-700 Architect View)