Blogs by Ashwin

  Network Security It is required for any SAP production system installed on Azure to operate in Virtual Private Network(s) which is/are connected to your datacenters with Azure site-to-site or ExpressRoute connectivity. End-user access to the application should be routed through your company's intranet and the Azure's site-to-site or ExpressRoute connections to the applications hosted in Azure VM Services. This way, the network and other security policies defined for on-premises applications are extended to the application in the Azure VMs. A design that is NOT supported is the segregation of the SAP application and DBMS layers into different Azure VMs that are not peered with each other. It is recommended to segregate the SAP application and DBMS layers by using subnets within an Azure virtual network instead of using the different Azure virtual networks. But, if you segregate the two layers into the different virtual networks, the two virtual networks need to be peered. The ...

  To read part 1 please click  here Traffic Manager A DNA-based traffic load balancer Azure Traffic Manager enables you to distribute the traffic in the most favorable way to the services across global Azure regions, while readily offering high availability and responsiveness. It provides a vast range of traffic-routing methods and endpoint monitoring options that suits different application needs as well as automatic failover models which makes it resilient to any kind of failure, including the failure of an entire Azure region.  Routing Azure implements a default routing configuration granting basic connectivity, ability to reach the internet and to communicate with the other resources on the same or directly connected virtual; networks. This default configuration can be modified in the following ways: Creating user-defined routes, which are known as the route tables with one or more rules altering the default routing behavior as well as associate them with virtual netw...

  To read part 2 please click  here Azure Virtual Networks Azure Virtual Networks provides direct, private IP-based connectivity between network-attached resources, like Azure VMs while supporting Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).  A virtual network consists of one or more subnets which can easily facilitates segmentation of networks, providing a means of controlling communication network resources. VMs generally uses a virtual network adapter to attach to a subnet to communicate with the other VMs as well as the other network resources like load balancers or gateways. The maximum number of network adapters that you can use depends on its size.  IP Addressing A unique private IP address is generally allotted to a network adapter of a VM, an internal Azure load balancer, or an application gateway from the IP address range of the subnet to which they are connected. Most of the Azure resource...