The use of public cloud is as hot as ever among today’s organizations looking to keep pace with the pressing infrastructure needs of their current and future technology challenges. However, most companies are not able to “throw a switch” and cutover cleanly to public cloud infrastructure. This could be due to compliance or regulatory reasons or other application dependencies.
Hybrid cloud is the mix of both on-premises and public cloud resources and is realistically the layout of infrastructure that most organizations will be looking at for migration or longer-term presence in both on-premises and cloud facilities.
One of the most complex aspects of hybrid cloud deployments and topologies is networking.
How can packets be transferred to and back between on-premises and cloud infrastructure securely and easily?
With Windows Server 2019, Microsoft introduced a new technology called Azure Network Adapter that is set to ease the pain of creating connections between on-premises environments and Microsoft Azure public cloud infrastructure.
First, let’s take a closer look at what is Azure Network Adapter and see how it can be used.
What is Microsoft Azure Network Adapter?
Microsoft Azure Network Adapter found in Windows Server 2019 is a virtual network adapter that creates a point-to-site VPN connection to Microsoft Azure. This allows the ability to have a quick connectivity method from an on-premises Windows Server 2019 server to your Microsoft Azure environment with only a few clicks.
In Windows Server 2019 and using the Windows Admin Center, Microsoft has taken all of the heavy lifting out of the creation process for the VPN between a Windows Server 2019 client and the Microsoft Azure Virtual Network Gateway.
In fact, if you don’t already have an Azure Virtual Network Gateway configured, the “Add Azure Network Adapter” process will create one for you. In creating the Azure Network Adapter, Microsoft also takes care of the certificate creation for the IPSEC connection that is established. All these automated features of the Azure Network Adapter make it a great way to quickly establish connectivity between an on-premises Windows Server 2019 server and Microsoft Azure.
As mentioned, the Azure Network Adapter is only configurable via a GUI through the Windows Admin Center. Windows Admin Center is Microsoft’s new tool for managing and configuring Windows Server operating systems.
A Closer Look at Windows Admin Center
Let’s take a closer look at the Windows Admin center and what it brings to the table for Windows administrators managing Windows environments. Windows Admin Center is currently not included natively in the Windows Server 2019 installation. This is a separate download from Microsoft. Once installed, the WAC is a web interface that allows local or remote (gateway mode) configuration and management of Windows Servers. It is simple and lightweight, secure, and extremely flexible in accessing. It is the way forward for Microsoft for managing Windows Server as it is currently the recommended management tool for Windows Server 2019. Some features are only manageable or accessible through the WAC. Storage Spaces Direct installations can be managed from WAC as well.
One of the exclusive features configurable from WAC is the Azure Network Adapter.
Configuring Azure Network Adapter from Windows Admin Center
Using Windows Admin Center, administrators can add, configure and access the Azure Network Adapter easily to a Windows Server 2019 server once connected to the Microsoft Azure environment.
Under the Settings page, Azure, you will find the configuration to connect your on-premises Windows Server to your Microsoft Azure environment.
Once the Windows Server is registered with Microsoft Azure, the Azure Network Adapter can be added. This registration process involves the following:
- Generate a code to register the gateway with Azure
- Logging into Microsoft Azure using your Azure account
- Granting permissions on the registered application
- Connecting the on-premises server to Azure once the gateway is finished configuring
- ***Optional*** – Additional firewall ports may be needed to successfully connect to the Azure environment
After registering the connection with Azure, logging in, and finally granting permissions, you can Add Azure Network Adapter.
The wizard to follow will allow you to choose the Azure subscription you want to use for the Azure network adapter, location of the resource, virtual network, and the gateway subnet. After this information is populated, the creation of the Azure Network Adapter and VPN connection with Azure will complete.
Note, the process could take between 20-30 minutes, depending on the existence of an Azure Virtual Network Gateway. So, don’t be alarmed if it takes a while for the provisioning process on the Azure side.
Azure Network Adapter Use Cases
- As mentioned, the Azure Network Adapter is a great choice for quickly connecting one-off servers to your Azure public cloud network. It is mostly not feasible if you have dozens of servers that need to be connected to Azure. This will be better handled through a site-to-site VPN connection, etc
- However, for certain use cases, such as in an edge environment potentially where infrastructure is hard to come by and there may not be a firewall with these types of capabilities in place, the Azure Network Adapter is a great way to fill this gap
- Additionally, if you have a development environment in Azure that you need to quickly connect on-premises resources for testing or POC, this would be a great solution as well
The Azure Network Adapter is a great example of how Microsoft has made hybrid cloud much more easily attainable with Windows Server 2019. Windows Admin Center provides a powerful GUI frontend to easily spin up complex infrastructure connections with just a small amount of configuration. The Azure Network Adapter configuration process takes care of the heavy lifting by creating the underlying resources in the Azure side as well as handling the certificate creation required for the IPSEC communication.