Microsoft Cloud Workshop: Hybrid identity (40573G)

In this workshop, you will learn to setup and configure a hybrid identity solution that integrates an existing on-premises identity solution with Azure. You will learn how to secure the virtual network by deploying a network virtual appliance and configure firewall rules and route tables. Additionally, you will set up access to the virtual network with a jump box and a site-to-site VPN connection.


Audience Profile

This workshop is intended for Cloud Architects and IT professionals who have architectural expertise of infrastructure and solutions design in cloud technologies and want to learn more about Azure and Azure services as described in the ‘About this Course’ and ‘At Course Completion’ areas. Those attending this workshop should also be experienced in other non-Microsoft cloud technologies, meet the course prerequisites, and want to cross-train on Azure.


At Course Completion

At the end of this workshop, you will be better able:

  • Design virtual networks in Azure with multiple subnets to filter and control network traffic.
  • Ceate a virtual network and provision subnets.
  • Create route tables with required routes.
  • Build a management jump box.
  • Configure firewalls to control traffic flow.
  • Configure site-to-site connectivity.


Prerequisites

Workshop content presumes 300-level of architectural expertise of infrastructure and solutions design. We suggest students take this prerequisite prior to attending this workshop;

  • Microsoft Azure Essentials course
mostrar detailes


Course Outline


Module 1: Whiteboard Design Session - Hybrid identity

In this workshop, you will learn to setup and configure a hybrid identity solution that integrates an existing on-premises identity solution with Azure. You will learn how to secure the virtual network by deploying a network virtual appliance and configure firewall rules and route tables. Additionally, you will set up access to the virtual network with a jump box and a site-to-site VPN connection.

Lessons

  • Review the customer case study
  • Design a proof of concept solution
  • Present the solution


Module 2: Hands-On Lab - Hybrid identity

In this hands-on lab you will setup and configure a number of different hybrid identity scenarios. The scenarios involve an Active Directory single-domain forest named contoso.local, which in this lab environment, consists (for simplicity reasons) of a single domain controller named DC1 and a single domain member server named APP1. The intention is to explore Azure AD-related capabilities that allow you to integrate Active Directory with Azure Active Directory, optimize hybrid authentication and authorization, and provide secure access to on-premises resources from Internet for both organizational users and users who are members of partner organizations.

Lessons

  • Integrate an Active Directory forest with an Azure Active Directory tenant.
  • Manage Authentication, Authorization, and Access Control in Hybrid Scenarios.
  • Configure application access in hybrid scenarios.