Microsoft Azure: Intégration et Sécurité

Successful Azure Administrators start this role with experience on operating systems, virtualization, cloud infrastructure, storage structures, and networking.

• Use Azure Migrate to discover and assess on-premises virtual machine migration to Azure
• Use Azure Site Recovery to migrate Hyper-V infrastructures to Azure
• Review migration strategies for VMWare and System Center VMM virtual machines
• Implement use cases and configuration options for Azure App Services and App Service Environments
• Manage and secure web apps with backup, restore, snapshot, and cloning
• Optimize your web app performance with Scale Up, Scale Out, Autoscale, and Grow out strategies
• Deploy serverless computing features like Azure Functions, Event Grid, and Service Bus
• Implement and configure Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway
• Implement and configure Site-to-Site VPN connections and ExpressRoute
• Implement and configure Network Watcher and troubleshooting common network issues
• Use Azure RBAC to grant a granular level of access based on an administrator’s assigned tasks
• Use Azure Multi-Factor Authentication to configure a strong authentication for users at sign-in
• User Azure AD Privileged Identity Management to configure access rights based on just-in-time administration

This course provides students with the key knowledge to help prepare for Exam AZ-101.
This course teaches IT professionals how to discover, assess, plan and implement a migration of on-premises resources and infrastructure to Azure. Students will learn how to use Azure Migrate to perform the discovery and assessment phase that is critical to a successful migration. Students will also learn how to use Azure Site Recovery for performing the actual migration of workloads to Azure.
Delegates will learn how to manage and maintain the infrastructure for the core web apps and services that developers build and deploy. Students will learn how Azure App Service is used as a Platform as a Service PaaS offering for deploying cloud apps for web and mobile environments.

IT Professionals will learn how to implement and configure different Azure networking traffic distribution mechanisms, including Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway. Students will also learn how to implement site connectivity for multiple scenarios including cross-premises and hybrid configurations, as well as extending on-premises networks into the Microsoft cloud over a dedicated private connection, using Azure ExpressRoute.

This course teaches IT Professionals to understand the challenges that organizations face in keeping modern IT environments secure, as the more distributed environments that are part of a cloud-first or hybrid world have rapidly created new security challenges for IT. The course focuses on three key areas in the defense against attackers who target security vulnerabilities, resulting particularly from credential theft and compromised identities: Role-Based Access Control RBAC, Multi-Factor Authentication MFA, and Azure Active Directory Privileged Identity Management PIM.

Module 1: Managing Azure Active Directory

In this module, you will be introduced to Azure migration projects and specifically Azure Migrate. Azure Migrate will be your tool of choice for automated server discovery and workload sizing. You will step through the process of using Azure Migrate to create a project, create a collector, assess machine readiness, and estimate cost.

Lessons

• Overview of Cloud Migration
• Azure Migrate: The Process

After completing this module, students will be able to:

• Use Azure Migrate to discover and assess on-premises virtual machine migration to Azure.

Module 2: Azure Site Recovery

In this module, you will be introduced to Azure Site Recovery ASR. ASR will be your primary tool for migrating workloads to Azure. You will learn which scenarios are most appropriate for ASR and the features that the product provides. You will also learn how to use the ASR deployment planner to ensure your infrastructure is ready for migration. Lastly, you will walk through the process of implementing ASR on a Hyper-V infrastructure.

Lessons

• Overview of ASR
• Preparing the Infrastructure
• Completing the Migration Process

After completing this module, students will be able to:

• Use Azure Site Recovery to migrate Hyper-V infrastructures to Azure.

Module 3: Additional Migration Scenarios

In this module, you will complete your study of Azure migration by looking at two different migration scenarios. In the first scenario you will see how to migrate VMware vSphere Hypervisor virtual machines to Azure using ASR. In the second video series we will migrate System Center VMM Hyper-V machines.

Lessons

• VMWare Migration
• System Center VMM Migration: Video Walkthrough

After completing this module, students will be able to:

• Review migration strategies for VMWare and System Center VMM virtual machines.

Module 4: Introducing the Azure App Service Platform

In this module, you will be introduced to the Azure App Services Platform. You will learn about app service plans, web app hosting options, app service scenarios and how to monitor apps. You will also learn about how to isolate apps with App Service Environments.

Lessons

• Introducing Azure App Service
• App Service Environments

After completing this module, students will be able to:

• Implement use cases and configuration options for Azure App Services and App Service Environments.

Module 5: Managing and Securing Web Apps

In this module, you will learn how to deploy your app with minimal downtime. You will also learn how to backup, restore, snapshot, and clone your app. Lastly, you will implement security features like authentication options and authentication providers.

Lessons

• Deploying Web Apps
• Managing Web Apps
• App Service Security

After completing this module, students will be able to:

• Manage and secure web apps with backup, restore, snapshot, and cloning.

Module 6: Scaling and Performance

In this module, you will learn how to ensure your app performs under various workloads. You will learn how to scale up and scale out your app. You will learn how to automatically scale your app and to grow out the app through geo-distribution. Lastly you will learn how CDN provides a way to optimize bandwidth and web traffic.

Lessons

• Scale Up and Scale Out
• Autoscale and Grow out
• Optimizing Bandwidth and Web Traffic

After completing this module, students will be able to:

• Optimize your web app performance with Scale Up, Scale Out, Autoscale, and Grow out strategies.

Module 7: Deploying Serverless Computing Solutions

In the module, you will learn what serverless computing is and what it provides. You will implement three serverless computing solutions: Azure Functions, Event Grid, and Service Bus. Azure Functions provide small pieces of code, or 'functions,' that run in the cloud. Event Grid is a service for managing routing of all events from any source to any destination. Service Bus multi-tenant cloud messaging service that sends information between applications and services.

Lessons

• Serverless Computing Concepts
• Managing Azure Functions
• Managing Event Grid
• Managing Service Bus
• Managing Logic App

After completing this module, students will be able to:

• Deploy serverless computing features like Azure Functions, Event Grid, and Service Bus.

Module 8: Distributing Network Traffic

In this module, you will learn about three ways to distribute network traffic: Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway. The Azure Load Balancer delivers high availability and network performance to your applications. The Azure Traffic Manager allows you to control the distribution of user traffic to your service endpoints. The Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.

Lessons

• Overview of Network Traffic Distribution Options
• Azure Load Balancer
• Azure Traffic Manager
• Azure Application Gateway

After completing this module, students will be able to:

• Implement and configure Azure Load Balancer, Azure Traffic Manager, and Azure Application Gateway.

Module 9: Site Connectivity

In this module, you will learn and implement two ways to connect your virtual networks: Site-to-Site VPN Connections and ExpressRoute. Site-to-Site VPN connections provide secure tunneling for cross-premises and hybrid configurations. ExpressRoute extends your on-premises networks into the Microsoft cloud over a dedicated private connection facilitated by a connectivity provider.

Lessons

• Site-to-Site VPN Connections
• ExpressRoute

After completing this module, students will be able to:

• Implement and configure Site-to-Site VPN connections and ExpressRoute.

Module 10: Monitoring and Troubleshooting Network Connectivity

In this module, you will learn important skills around troubleshooting virtual network connectivity. The primary tool discussed is Azure Network Watcher. Azure Network Watcher provides IP flow verification, VPN diagnostics, NSG views and flows, and next hop analysis.

Lessons

• Introducing Network Watcher
• Implementing Network Watcher
• Network Troubleshooting Examples

After completing this module, students will be able to:

• Implement and configure Network Watcher and troubleshooting common network issues.

Module 11: Introduction to Identity Protection in Azure

In this module, you’ll learn about Role-Based Access Control as the foundation to organizing and managing an organization’s administrative access based on the principle of least privilege. You will also review Azure Active Directory concepts, as well as gaining insight into the threat landscape and security risks that are exposed to IT organizations through breach of privileged access.

Lessons

• Role-Based Access Control
• Azure Active Directory Refresher
• Protecting Privileged Access in the Environment

After completing this module, students will be able to:

• Use Azure RBAC to grant a granular level of access based on an administrator’s assigned tasks.

Module 12: Using Multi-Factor Authentication for Secure Access

In this module, you’ll learn about securing the sign-in process through Multi-Factor Authentication MFA. You’ll learn how MFA works and the differences in implementation between on-premises and cloud scenarios. You’ll also learn about using conditional access policies to provide more fine-grained control over apps and resources in your environment.

Lessons

• Introducing Multi-Factor Authentication
• Implementing MFA

After completing this module, students will be able to:

• Use Azure Multi-Factor Authentication to configure a strong authentication for users at sign-in.

Module 13: Azure AD Privileged Identity Management

In this module, you’ll learn how to use Azure Privileged Identity Management PIM to enable just-in-time administration and control the number of users who can perform privileged operations. You’ll also learn about the different directory roles available as well as newer functionality that includes PIM being expanded to role assignments at the resource level.

Lessons

• Getting Started with PIM
• PIM Security Wizard
• PIM for Directory Roles
• PIM for Role Resources

After completing this module, students will be able to:

• User Azure AD Privileged Identity Management to configure access rights based on just-in-time administration.