Azure virutal network encryption

Introduction

In episode 228 of our SAP on Azure video podcast we talk about Azure vnet encryption. A few weeks back we had Evren Buyruk on our show where he started to talk about networking and security. Since we could not spend a lot of time on this topic, we decided to have a deep dive. So today Evren together with Daniel Mauser will share more insights on Azure vnet encryption and show you also an impressive demo.

Find all the links mentioned here: https://www.saponazurepodcast.de/episode228

Reach out to us for any feedback / questions:

• Robert Boban: https://www.linkedin.com/in/rboban/
• Goran Condric: https://www.linkedin.com/in/gorancondric/
• Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/

#Microsoft #SAP #Azure #SAPonAzure #Networking #Security

Summary created by AI

• Introduction of Participants:
• Holger introduced the episode and welcomed participants, including Robert, Cora, Evren, and Daniel, who are experts in networking and security.
• Overview of Azure VNET Encryption:
• Evren and Daniel provided an overview of Azure VNET encryption, explaining its importance for secure communication between virtual machines and its availability in all Azure public regions.
• Technical Details of VNET Encryption:
• Evren explained the technical details of VNET encryption, including the use of FPGA, DTLS tunnels, and the importance of accelerated networking for enabling encryption.
• Support Scenarios and Limitations:
• Evren discussed the support scenarios and limitations of VNET encryption, highlighting its compatibility with various Azure services and the importance of using supported VM SKUs.
• Demo of VNET Encryption:
• Daniel demonstrated the implementation of VNET encryption in a lab environment, showing how to enable accelerated networking, configure VNET encryption, and verify encrypted traffic using flow logs.
• Customer Adoption and Benefits:
• Evren shared a success story of a large customer adopting VNET encryption, emphasizing the benefits of end-to-end encryption and the lack of performance impact or additional cost.
• Conclusion and Next Steps:
• Holger thanked Evren and Daniel for their insights and demo, and expressed interest in having them back on the show for future discussions.

• What is Azure Virtual Network encryption?
• Lab: Azure Virtual Network Encryption

• 0:00 Intro
• 1:00 Introducing Daniel Mauser and Evren Buyruk
• 5:50 Virtual Network Encryption - What is it?
• 6:30 Agenda
• 7:20 Azure Virtual Network Encryption - Intra DC
• 14:00 DTLS Tunnel with Virtual Network Encryption
• 20:15 Azure Virtual Network Encryption - Supported Scenarios
• 22:40 Azure Virtual Network Encryption - Limitations
• 26:35 Tips on Azure Virtual Network Encryption
• 30:15 Draft Vnet encryption architecture
• 38:10 Lab available in GitHub
• 41:00 Testing from Visual Studio Code
• 43:30 Looking at the Azure Portal
• 56:10 Running the probes
• 53:10 Overhead on performance and costs