Azure Insights: BGP with Azure virtual networks; Deleting Sentinel; Kubernetes Service; Hybrid Identity URLs

October 17 2019

Azure pros share their insights on using BGP with Azure Virtual Network and Azure Firewall, deleting Sentinel connections while keeping data, working with Kubernetes Service and more.

Using BGP with Azure Virtual Network

Aidan Finn explored the role of Border Gateway Protocol, or BGP, within Azure Virtual Networks and Firewalls. BGP propagates routes around a network, for instance between different subnets. According to Finn, users who are creating a site-to-site VPN connection can integrate on-premises BGP routing with Azure virtual networks. In fact, using ExpressRoute makes BGP a requirement.

Finn imagined a situation in which a user created a Local Network Gateway in Azure instead of using BGP. In this situation, the network gateway loads networks from the Local Network Gateway and routes through VPN tunnels. Users can have on-premises connections with or without BGP. He also discussed bi-directional routing and working with Azure Firewall:

By disabling BGP propagation on the firewall subnet, the firewall no longer knows that the route to on-premises networks is via the virtual network gateway. This is one of those scenarios where people claim that their firewall isn't logging traffic or flows – in reality, the traffic is bypassing the firewall because they haven't managed their routing.

Keeping data while deleting Sentinel

About MSDW Editorial Team