Introduction xixChapter 1 The Cloud and Microsoft Azure Fundamentals 1The Evolution of the Datacenter 1Introducing the Cloud 2The Private Cloud and Virtualization 4Types of Service in the Cloud 10Microsoft Azure 101 13Microsoft Datacenters and Regions 14Microsoft Network 24Azure Resource Providers 26Getting Access to Microsoft Azure 30Free Azure Trials and Pay-as-You-Go 31Azure Benefits from Visual Studio Subscriptions 31Enterprise Enrollments for Azure 33Reserved Instances and Azure Hybrid Benefit 37Reserved Instances 37Azure Hybrid Benefit 39Increasing Azure Limits 40The Azure Portal 41Portal Basics 42Azure Portal Dashboards 45Chapter 2 Governance 47What is Governance? 47Understanding Governance Requirements in Your Organization 49Azure Subscriptions and Management Groups 52Subscriptions 52Management Groups 55Resource Groups 62Role-Based Access Control 63Naming Conventions 69Using Tags 70Azure Policy 75Azure Templates 80Azure Blueprints 83Azure Resource Graph 86Cost Management 88Visibility 89Accountability 91Optimization 93Chapter 3 Identity 95The Importance of Identity 95A Brief Refresher on Active Directory 97Using Cloud Services, Federation and Cloud Authentication 98Federation 98Cloud Authentication and Authorization 101Azure Active Directory Fundamentals 103Azure AD SKUs 106Populating Azure AD 108Azure AD B2B 122Azure AD Authentication Options 128Azure AD Groups 137Azure AD Entitlements and Application Publishing 138Chapter 4 Identity Security and Extended Identity Services 145Azure AD Security 145Multi-Factor Authentication 145Password Policies 149Azure AD Conditional Access 150Azure AD Identity Protection 153Azure AD Log Inspection 154Azure AD Privileged Identity Management 156Azure Advanced Threat Protection 158Azure AD Application Proxy 158Azure AD B2C 160Active Directory in the Cloud 162Active Directory Site Configuration 163Placing a Domain Controller in Azure 164Azure AD Domain Services 167Chapter 5 Networking 171Connectivity 171Virtual Networks 171Adding a VM to a Virtual Network 174NIC IP Configurations 174Reserved IPs for VM 176Accelerated Networking 177Azure DNS Services and Configuration Options 177Connecting Virtual Networks 178Connectivity to Azure 181Azure Virtual WANs and ExpressRoute Global Reach 193PaaS VNet Integration 194Protection 196Network Security Groups and Application Security Groups 196Firewall Virtual Appliances 199Distributed Denial-of-Service Protection 202Delivery 202Intra-Region Load Balancing 203Inter-Region Load Balancing 206Monitoring 210Chapter 6 Storage 213Azure Storage Services 213Azure Storage Architecture 213Using Storage Accounts and Types of Replication 215Storage Account Keys 219Azure Storage Services 221Storage with Azure VMs 235VM Storage Basics 235Temporary Storage 236Managed Disks 237Bulk Data Options 242Azure Import/Export and Azure Data Box Disk 242Azure Data Box 242Azure Data Box Gateway and Data Box Edge 242Azure Database Offerings 243Azure SQL Database 243Azure Cosmos DB 246Chapter 7 Azure Compute 249Virtual Machines 249Fundamentals of IaaS 249Types of Virtual Machines 252Azure VM Agent and Extensions 258Boot Diagnostics 260Ephemeral OS Disks 261Proximity Placement Groups 262Virtual Machine Scale Sets 263Low-Priority VMs 264Azure Dedicated Host 264Windows Virtual Desktop 265VMware in Azure? 265Platform as a Service Offerings 266Containers 266Azure Application Services 275Azure Serverless Compute Services 278Chapter 8 Azure Stack 281Azure Stack Foundation 281Azure Stack 101 281Services Available on Azure Stack 284How to Buy Azure Stack 285When to Use Azure Stack 287Managing Azure Stack 288How to Interact with Azure Stack 288Marketplace Syndication 290Plans, Offers, and Subscriptions 292Updating Azure Stack 294Privileged Endpoint and Support Session Tokens 295Understanding Azure Stack HCI 296Chapter 9 Backup, High Availability, Disaster Recovery, and Migration 297Availability 101 297Distinguishing High Availability vs. Disaster Recovery vs. Backup 297Understanding Application Structure and Requirements 299Architecting for Multi-Region Application Deployments 301Backups in Azure 305Thinking About Backups 305Using Azure Backup 307High Availability in Azure 311Disaster Recovery in Azure 312On-Premises Disaster Recovery 313On Premises to Azure Disaster Recovery 314Azure to Azure 317Migrating Workloads to Azure 318Migration Benefits 319Migration Approaches 320Migration Phases 320Chapter 10 Monitoring and Security 325Azure Monitoring 325Why Monitor? 325Types of Telemetry in Azure 326Azure Monitor Fundamentals 329Azure Monitor Logs Fundamentals 334Alerting 341Security in Azure 350Advanced Threat Protection (ATP) 350Azure Security Center (ASC) 353Azure Sentinel 355Keeping Secrets with Azure Key Vault and Managed Identities 357Chapter 11 Managing Azure 359Command Line, Scripting, and Automation with Azure 359Using PowerShell with Azure 360Using the CLI with Azure 370Leveraging Azure Cloud Shell 371Automating with Azure Automation and Azure Functions 376Deploying Resources with ARM JSON Templates 383Everything is JSON 383Anatomy of an ARM JSON Template 386Template Tips 389Additional Useful Technologies for Azure Management 393Azure Bastion Host 393Windows Admin Center 395Chapter 12 What to Do Next 399Understanding and Addressing Azure Barriers 399Building Trust 400Understanding Risks for Azure 400Why You Should Use Azure and Getting Started 408Understanding Azure's Place in the Market 408First Steps with Azure IaaS 411Index 415

John Savill is a technical specialist who focuses on Microsoft core infrastructure technologies including Microsoft Azure, Windows, and Hyper-V. An 11-time Microsoft MVP, an Azure Solutions Architect Expert and he is also ITIL certified and a CISSP. John has been working with Microsoft technologies for more than 25 years and was the creator of the highly popular NT FAQ website. The author of Mastering Windows Server 2016 Hyper-V and Mastering Microsoft Azure Infrastructure Services, he has a large library of courses on Pluralsight that are linked directly from Azure.com and regularly writes articles and whitepapers along with creating technology videos for his YouTube channel, http://onboardtoazure.com.