Category: Work

All about my Work


IT Career Energizer Episode Thomas Maurer

Part of the IT Career Energizer podcast

I had the chance to be part of Phil Burgess IT Career Energizer podcast. IT Career Energizer podcast helps those who want to start, develop, and grow their IT careers. Guests share their experience and advice, which will help others in their careers. It was great to talk to Phil as discuss some exciting highlights, like becoming a Microsoft MVP in 2012 and being part until 2019 when I joined Microsoft. We also discussed the challenges in my career and where I faced some difficult decisions, as well as some exciting times coming up in the IT industry.

When you listen to the I.T. Career Energizer you’ll hear from individuals from around the world.  Each guest gives their own perspectives on career development and their views on the future of technology. My guests include programmers, business analysts, project managers and testers to name but a few.

Phil did almost 200 episodes until today, and I am proud and happy to be part of it. You can listen and subscribe to the podcast on itcareerenergizer.com.



Nigel Frank Migrating and extending with Microsoft Azure

Article about Azure Migration on Nigel Frank International

This week my blog post on Azure Migration and Hybrid Cloud on the Nigel Frank International blog went live. The title of the article is, Migrating and extending your on-premises environment with Microsoft Azure. In that blog post, I what your advantages are by using the cloud and some of the different approaches to use Microsoft Azure. Before I then go deeper on different Azure scenarios and topics.

I cover a lot of different Azure options like:

Nigel Frank International

The public cloud is becoming more and more important for companies that want to stay agile and flexible to meet their business demands. But if a company decides to move to the public cloud, what are the best ways to migrate to Microsoft Azure? In this blog post, we’ll take a quick look at what services Microsoft offers to make your cloud migration easier.

It was fun to work with the team at Nigel Frank International and I hope you like the article.



Download the new Windows Terminal Preview

Install the new Windows Terminal (Preview)

At Microsoft Build 2019, the team announced a new Windows Terminal which will be open-source. There are a couple of improvements which are coming to the new Windows Terminal like; multiple tabs support, GPU accelerated DirectWrite/DirectX-based text rendering engine, advanced configuration settings, and much more. It allows you to run different shells like Windows PowerShell, PowerShell Core, Command Prompt, WSL, and also WSL 2. Today you can download the Windows Terminal Preview from the Microsoft Store. It is still a very early preview and the team, as well as the community, are still working on it. The team’s goal is to work with the community and launch version 1.0 end of 2019. Here is how you can install the new Windows Terminal.

Windows Terminal is a new, modern, fast, efficient, powerful, and productive terminal application for users of command-line tools and shells like Command Prompt, PowerShell, and WSL.

You can find more information about it here on the Microsoft announcement blog.

Download and Install the Windows Terminal

You were able to download the sources for the terminal from GitHub and build it yourself. However, the preview release in the Windows Store makes it much easier to try it out and stay more up to date.

Windows Terminal

Windows Terminal will be delivered via the Microsoft Store in Windows 10 and will be updated regularly, ensuring you are always up to date and able to enjoy the newest features and latest improvements with minimum effort.

Provide Feedback and get involved

Windows Terminal is a new, modern, feature-rich, productive terminal application for command-line users. It includes many of the features most frequently requested by the Windows command-line community including support for tabs, rich text, globalization, configurability, theming & styling, and more.

The Terminal will also need to meet our goals and measures to ensure it remains fast, and efficient, and doesn’t consume vast amounts of memory or power.

You can file bugs and share feedback with the community and us, as well as fix issues and make improvements on GitHub. If you come across any bugs or want to share feedback, you can do that on GitHub issues for detailed issues/discussions or with the Microsoft Store release in the Feedback Hub. You join the development on GitHub.

If you want to use the new font which was designed for terminals and code editors like VS Code, check out my post about Cascadia Code.

Azure Cloud Shell

Windows Terminal Azure Cloud Shell

Windows Terminal Azure Cloud Shell

I also want to mention that you can run the Azure Cloud Shell directly from the terminal.

Try out the new terminal today, and if you have any questions, please let me know in the comments.



Azure Bastion Windows VM

Azure Bastion – Private RDP and SSH access to Azure VMs

Azure Bastion is a new service which enables you to have private and fully managed RDP and SSH access to your Azure virtual machines. If you wanted to access your Azure virtual machines using RDP or SSH today, and you were not using a VPN connection, you had to assign a public IP address to the virtual machine. You were able to secure the connection using Azure Just in Time VM access in Azure Security Center. However, this had still some drawbacks. With Azure Bastion you get a private and fully managed service, which you deploy to your Virtual Network, which then allows you to access your VMs directly from the Azure portal using your browser over SSL.

Azure Bastion Architecture

Source: Microsoft Docs

Azure Bastion brings a couple of advantages

  • Removes requirement for a Remote Desktop (RDP) client on your local machine
  • Removes element for a local SSH client
  • No need for local RDP or SSH ports (handy when your company blocks it)
  • Uses secure SSL/TLS encryption
  • No need to assign public IP addresses to your Azure Virtual Machine
  • Works in basically any modern browser on any device (Windows, macOS, Linux, etc.)
  • Better hardening and more straightforward Network Security Group (NSG) management
  • Can remove the need for a Jumpbox

If you want to know more directly here is the link to the Azure Bastion announcement blog and the Microsoft Docs.

Public Preview

Azure Bastion is currently in public preview. The public preview is limited to the following Azure public regions:

  • West US
  • East US
  • West Europe
  • South Central US
  • Australia East
  • Japan East

To participate in this preview, you need to register. Use these steps to register for the preview:

Register-AzureRmProviderFeature -FeatureName AllowBastionHost -ProviderNamespace Microsoft.Network
 
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.Network
 
Get-AzureRmProviderFeature -ProviderNamespace Microsoft.Network

To use the Azure Bastion service, you will also need to use the Azure Portal – Preview.

How to set up an Azure Bastion host for a private RDP and SSH access to Azure VMs

Create Azure Bastion Host

First, you will need to deploy Bastion Host in your virtual network (VNet). The Azure Bastion Host will need at least a /27 subnet.

AzureBastionSubnet

Access Azure virtual machines using Azure Bastion

Azure Bastion integrates natively in the Azure portal. The platform will automatically be detected if Bastion is deployed to the virtual network your virtual machine is in. To connect to a virtual machine, click on the connect button for the virtual machine. Now you can enter your username and password for the virtual machine.

Azure Portal connect to Linux VM SSH

This will now open up a web-based SSL RDP session in the Azure portal to the virtual machine. Again, there is no need to have a public IP address assigned to your virtual machine.

Private access to Azure Linux VM

 

Roadmap – more to come

As Yousef Khalidi (CVP Azure Networking) mentions in his preview announcement blog, the team will add more great capabilities, like Azure Active Directory and MFA support, as well as support for native RDP and SSH clients.

The Azure networking and compute team are doing more great work on creating a great Azure IaaS experience. I hope this gives you an overview of how you can get a private RDP or SSH access to your Azure VM. If you want to know more about the Azure Bastion service, check out the Microsoft Docs for more information. If you have any questions, feel free to leave a comment.



AZ-500 Microsoft Certified Azure Security Engineer Associate

Passed Exam AZ-500 Microsoft Certified Azure Security Engineer Associate

The new Azure Security exam just came out of beta, and I took some time to learn and see if I would pass it. I am happy that I just passed exam AZ-500: Microsoft Azure Security Technologies, which focuses on Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access and protects data, applications, and networks. After passing this exam, you can call yourself a Microsoft Certified: Azure Security Engineer Associate. Azure Security Engineers implement security controls and threat protection, manage identity and access, and protect data, applications, and networks in cloud and hybrid environments as part of the end-to-end infrastructure. That means this exam covers different topics across the Azure infrastructure and many various Azure services like Azure AD, Azure IaaS, Azure Networking, Azure Kubernetes Service (AKS), Databases, Azure Monitor, Azure Security Center and many more.

Exam AZ-500: Microsoft Azure Security Technologies

Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

You can find more detailed information on the Microsoft exam website. There you will find all the skills measured in this exam.

How to prepare for the AZ-500 exam

Microsoft Learn

Microsoft Learn

Exams always have a specific focus; this one covers a broad set of Azure security topics over different Azure services. This means you not only need to have particular security know-how, but also a good overview of the various Azure services. If you don’t have that right now, I recommend that you might start with other exams, such as AZ-900 and AZ-10X for the Microsoft Certified: Azure Administrator Associate. But if you want to go forward with the AZ-500 exam and become a Microsoft Certified: Azure Security Engineer Associate, first have a look at the more detailed information on the Microsoft exam website. Start reading through the Microsoft Docs about the different security topics mentioned in the skills measured, and also get some hands-on experience by trining out the various technologies. My favorite place to learn and understand some tutorial about different topics is Microsoft Learn! On Microsoft learn, you can use a lot of different learning modules, and some of them are focused on Azure Security. If you want to know more about Microsoft learn, check out my blog post: Microsoft Learn – A Great Place To Learn!

At Microsoft Ignite The Tour, our team also presented a session on securing your Azure environment, my session in Amsterdam was recorded, you can watch it here: Microsoft Ignite The Tour 2019 Azure Hybrid Session Recordings.

Are you also interested in becoming Microsoft Azure Certified? Check out my blog posts about why you should become Microsoft Azure Certified, how to pick the right Azure exam certification path and how to prepare and pass a Microsoft Azure certification exam. With that, I wish you happy learning and good luck with the AZ-500 Microsoft Azure Security Technologies exam!



Microsoft Hyper-V Server 2019

Download Hyper-V Server 2019 now

A lot of people have been waiting for this. After the release of Windows Server 2019 back in October 2018, you were able to download Windows Server 2019 Standard, Datacenter and Essentials. Today you can also download Microsoft Hyper-V Server 2019. This is the free version of the Hyper-V role which you can find in Windows Server 2019. It includes all the great Hyper-V virtualization features like the Datacenter Edition. This is especially interesting if you don’t need to license Windows Server VMs, and is ideal when you run Linux Virtual Machines or VDI VMs.

This version of Hyper-V also comes with a lower footprint, since it is only available as Server Core and doesn’t include any other roles and features, which are not related to virtualization. That said, it does not come with other Software Defined Datacenter features like Storage Spaces Direct (S2D). These features are only included in the Windows Server Datacenter edition.

Microsoft Hyper-V Server is a free product that delivers enterprise-class virtualization for your datacenter and hybrid cloud. Microsoft Hyper-V Server 2019 provides new and enhanced features that can help you deliver the scale and performance needs of your mission-critical workloads.

The Windows hypervisor technology is the same as what’s in the Hyper-V role on Windows Server 2019. It is a stand-alone product that contains only the Windows hypervisor, a Windows Server driver model, and virtualization components. It provides a simple and reliable virtualization solution to help you improve your server utilization and reduce costs.

You can download Microsoft Hyper-V Server 2019 ISO from the Microsoft Evaluation Center. You should also have a look at the Windows Admin Center, which is a locally deployed, browser-based app for managing servers, clusters, hyper-converged infrastructure, and Windows 10 PCs

If you want to learn more about the new Hyper-V and Windows Server 2019 features, check out my blog: Windows Server 2019 – What’s coming next



Microsoft Certified Trainer MCT

MCT Microsoft Certified Trainer 2019

After becoming a Microsoft Certified Trainer (MCT) back in 2017, I am happy to let you know that I requalified for the Microsoft Certified Trainer in 2019. Being an MCT again is a great honor and I am happy to be part of this community, even I am now working for Microsoft.

Microsoft Certified Trainers (MCTs) are the premier technical and instructional experts in Microsoft technologies. Join this exclusive group of worldwide Microsoft technical training professionals and reap the benefits of MCT training certification and membership. You will get exclusive benefits as an MCT including access to the complete library of official Microsoft training and certification products, substantial discounts on exams, books, and Microsoft products. In addition, you will be able to use Microsoft readiness resources to help you enhance your training career and engage with other MCT members in an online community forum. You will also receive invitations to exclusive Microsoft and local MCT community events.

Microsoft Certified Trainer 2019-2020

If you want to know more about becoming a Microsoft Certified Trainer or if you want to know more about Microsoft Certifications, please let me know in the comments. If you want to know more about the latest Azure exams like AZ-10X, AZ-30X or AZ-900, check out my blog posts.

You can find a general overview of the new Azure Certifications here. If you have any questions, please let me know in the comments.