Tag: technology

Application Gateway for Containers: Web Application Firewall support (5)

by erjosito

This post will explore the new support in Azure Application Gateway for Containers (AGC) for Web Application Firewall (WAF) as documented in https://aka.ms/agc/waf. This blog is part of a series: Before we start, kudos need to go to the great Christof Claessens, author of this extremely useful Azure Monitor Workbook to triage WAF logs. Is WAF a big … Continue reading Application Gateway for Containers: Web Application Firewall support (5)

Going beyond 8 peers in Azure Route Server

by erjosito

After a good while without posting anything, I finally decided to slowly recommence again. This first post is about a little BGP trick that may help you increase the scale of Azure Route Server. Typically the maximum number of 8 BGP peers should be enough for most designs, but if you happen to need to … Continue reading Going beyond 8 peers in Azure Route Server

VNet Flow Logs Recipes (part 2): fine-tune your security rules

by erjosito

Right when VNet Flow Logs were launched I blogged about some recipes that help to extract insights out of the different information fields contained in the Flow Logs. After working with VNet Flow Logs and Traffic Analytics for a while now, I thought I could share some additional tips and tricks, this time focusing on … Continue reading VNet Flow Logs Recipes (part 2): fine-tune your security rules

Application Gateway for Containers: a not-so-gentle intro (2)

by erjosito

Have you ever have the feeling that something that should be easy turns into a mine field when you start working on it? I seem to be a specialist in not reading the required documentation and making rookie mistakes. Fortunately, Application Gateway for Containers (AGC) offers enough troubleshooting tools so that I could identify and … Continue reading Application Gateway for Containers: a not-so-gentle intro (2)

Private Link reality bites: Azure Firewall app rules

by erjosito

Welcome to the fourth post in the Private Link Reality Bites series! Before we begin, let me recap the existing episodes of the series: After the last post on Network Address Translation (NAT) for private endpoints, in this one we are going to dive into how to do the same with Azure Firewall proxy technology: … Continue reading Private Link reality bites: Azure Firewall app rules

Interregional traffic in hub-and-spoke

by erjosito

In Azure you have two main ways of managing your virtual network connectivity: self-managed hub-and-spoke and Virtual WAN. Virtual WAN is a solution where Microsoft manages part of your virtual networks for you, and in exchange it gives you some benefits such as any-to-any routing out of the box. However, what if you need that … Continue reading Interregional traffic in hub-and-spoke