Azure Insights: IoT; Web app security; Storage Accounts; Exam prep

Source:-msdynamicsworld.com

April 20 2020

Microsoft Azure pros share their latest advice on working with Azure IoT, security for web apps, launching Storage Accounts and exam prep.

Making sense of Azure IoT

Writing on Build5Nines, Chris Pietschmann explored Azure IoT from the perspective of an admin. Many users are already familiar with the rose of IoT (short for Internet of Things), which adds network connectivity to sensors and industrial devices. Cloud technology has further expanded IoT, adding in an AI and machine learning-based automation layer for managed more intelligently at larger scale.

Over time, Microsoft has built a substantial portfolio of SDKs for IoT and provides a variety of Azure services. Among them are IoT Central, which helps with creating IoT solutions, IoT Hub, a scalable messaging broker, IoT Device Provisioning Service, Maps and Time Series Insights. IoT Edge assists with deployments at the edge of the network, while Sphere improves security and Digital Twins generates models of physical environments. He wrote:

A common design pattern used when building a modern IoT solution (with Azure IoT or otherwise) is the Lambda Architecture pattern. The Lambda Architecture design pattern is a data processing pattern designed for Internet of Things (IoT) and other Big Data systems that need to process data in near real-time, in addition to data storage and batch processing. Once device events are ingested from thousands (or even millions) of IoT devices, the processing of the data really becomes a Big Data problem to solve, and that’s where the Lambda Architecture comes in.

Planning for web apps

Karim Vaes posed the question “What do I put in front of my web application to secure it?” According to Microsoft documentation, both Application Gateway and Azure Front Door can be configured to act as a Web Application Firewall, but the difference is that Application Gateway can operate in a “detection only” mode, using out of the box rules for a security baseline. It can also be injected into a VNet, whereas Front Door is based on a public endpoint.

Both Front Door and Traffic Manager offer ways to deploy web apps across multiple regions. Traffic Manager is DNS-based, acting as a redirection mechanism, with Front Door acting as a “reverse proxy.” On the subject of caching, Vaes looked at both CDN and Front Door and wrote:

Both will do caching (check the links above), though they differ in the sweet spots. Azure Front Door will cache files up to 8MB (as a side trait), where you should think that this is mainly done to optimize the delivery of your “web app”. Azure CDN its core function is caching… It was built to ensure that your files would be distributed world wide and delivered from a local pop.

He added that looking across all the services, each one offers some type of DDoS attack protection.

Spinning up an Azure Storage account

Also on Build5Nines, Chris Pietschmann shared how to use Azure PowerShell to spin up a new Storage Accounts and Storage Containers. Currently, VMs, Diagnostics logs and other services rely on Storage Accounts to host data and users can also leverage it to host binary data and blobs. He demonstrated how to run a cmdlet in PowerShell, noting that Storage Accounts have different naming conventions than other resources. For example, names must be between three and 24 characters, with lowercase letters and numbers without special characters and have to be unique across all customers.

As for Storage Containers, he wrote:

However, before you can create the storage container, you must first create a reference to a Storage Account Context, then you will use this context to tell the New-AzStorageContainer cmdlet which storage account to create the storage container within. You can use the Get-AzStorageAccount cmdlet to retrieve a storage account context and assign it to a variable. Alternatively, you could also set the variable at the time of creating the storage account as well.

Pietschmann also explained pricing tiers, permissions, and installing the PowerShell Az.Storage Module.

Prepping for the Azure Architect Design exam

Microsoft senior cloud advocate Thomas Maurer shared a few tips on the Architect Technologies and Architect Design exams for Azure. Microsoft Learn is a great source of free training material for users to get started with their training and Maurer encouraged others users to rely on Microsoft Docs as a source for prep.

Major components of the exams include design monitoring, with a focus on logging, monitoring, and cost optimization or identity and security. Data storage, business continuity and infrastructure are also major themes.

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x