Aidan Finn, IT Pro
Aidan Finn, MVP, has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures. This blog covers Azure, Hyper-V, Windows Server, desktop, systems management, deployment, and so on.
1M ago
In this post, I want to discuss how one should design network security in Microsoft Azure, dispensing with past patterns and combatting threats that are crippling businesses today.
The Past
Network security did not change much for a very long time. The classic network design is focused on an edge firewall. “All the bad guys are trying to penetrate our network from the Internet” so we’ll put up a very strong wall at the edge. With that approach, you’ll commonly find the “DMZ” network; a place where things like web proxies and DNS proxies isolate interior users and services from the Internet.
Th ...
1M ago
This is my updated post on providing information on what the MVP Summit is, what to expect, and some useful tips/tricks in the neighborhood.
This is a big update on a post that I wrote in 2012.
What’s an MVP?
The MVP (Most Valuable Professional) award from Microsoft is exactly that – an award for expert community services relevant to products or services that Microsoft offers.
Microsoft used to describe MVPs as:
MVPs are independent experts who are offered a close connection with people at Microsoft. To acknowledge MVPs’ leadership and provide a platform to help support their efforts, Microso ...
2M ago
This post will explain how you can connect your Azure network(s) with Oracle Cloud Infrastructure (OCI) via the Oracle Cloud Interconnect.
Background
Many mid-large organisations run applications that are based on Oracle software. When these organisations move to the cloud, they may choose to use Oracle Cloud for their Oracle workloads and Azure for everything else.
But that raises some interesting questions:
How do we connect Azure workloads to Oracle workloads?
If Oracle is hosting data services, how do we minimise latency?
The answer is: The Oracle Cloud Interconnect (OCI).
Microsoft doc ...
3M ago
This post is going to explain why you should not be putting any compute into your hub VNet.
Background
I was looking at some Azure Landing Zones (reference architectures) from Microsoft before the end of 2023. I was shocked to see compute (VMs) being placed in the hub. Years ago, I learned that putting any kind of compute in the hub eventually leads to issues that are not obvious at first. I would have expected Microsoft to know better.
I posted something on Twitter and LinkedIn. Sure, there were plenty of people that agreed with me. However, there were respondents from Microsoft and elsewhere ...
3M ago
In this Festive Tech Calendar post, I am going to explain how to get Private Endpoints working in the real world.
Thank you to the team that runs Festive Tech Calendar every year for the work that they do and for raising funds for worthy causes.
Private Endpoints
When The Cloud was first envisioned, it was made a platform that didn’t really take network security seriously. The resources that developers want to use, Platform-as-a-Service (PaaS), were built to only have public endpoints. In the case of Microsoft Azure, if I deploy an App Service Plan, the compute that is provisioned for me share ...
5M ago
I will share my early experiences with Microsoft Copilot, the positives and negatives, clear up some false expectations, and explain why I think of Generative AI as a digital intern.
What is Generative AI?
The name gives it away. Generative AI generates or creates something from other known things. Examples are:
DALL-E: Creating images, such as Bing Create
Chat GPT: A text-based interface for finding things and generating text, such as the Copilot brand from Microsoft.
Pre-Microsoft
There are lots of brands out there but the one that’s grabbing most of the headlines is Open AI because of Cha ...
6M ago
Microsoft has announced that the default route, an implicit public IP address, is being deprecated 30 September 2025.
Background
Let’s define “Internet” for the purposes of this post. The Internet includes:
The actual Internet.
Azure services, such as Azure SQL or Azure’s KMS for Windows VMs, that are shared with a public endpoint (IP address).
We have had ways to access those services, including:
Public IP address associated with a NIC of the virtual machine
Load Balancer with a public IP address with the virtual machine being a backend
A NAT Gateway
An appliance, such as a firewall NVA or ...
6M ago
Something new appeared in recent times: the “Managed Private Endpoint”. What the heck is it? Why would I use it? How is it different from a “Private Endpoint”?
Some Background
As you are probably aware, most PaaS services in Azure have a public endpoint by default. So if I use a Storage Account or Azure SQL, they have a public interface. If I have some security or compliance concerns, I can either:
Switch to a different resource type to solve the problem
Use a Private Endpoint
Private Endpoint is a way to interface with a PaaS resource from a subnet in a virtual network. The resource uses th ...
6M ago
September is a month of storms. There appears to have been lots of activity in the Azure cloud last month too. Everyone working on Azure should pay attention to the PAY ATTENTION! section.
PAY ATTENTION! Default outbound access for VMs in Azure will be retired— transition to a new method of internet access
On 30 September 2025, default outbound access connectivity for virtual machines in Azure will be retired. After this date, all new VMs that require internet access will need to use explicit outbound connectivity methods such as Azure NAT Gateway, Azure Load Balancer outbound rules, or a dire ...
7M ago
I spoke at Experts Live Europe last week and this post is a report of my experience at this independently run tech conference.
Experts Live
I cannot claim to be a historian on Experts Live Europe (I’ll call it Experts Live after this) but it’s a brand that I’ve known of for years. Many of the MVPs (Microsoft Valuable Professionals) and community experts that I know have attended and presented at this conference for as long as it has been running. It started off as a System Center-focused event and evolved as Microsoft has done, transitioning to a cloud-focused conference covering M365 and Azur ...