Nino shares his practical experience and insides in solving problems related to Azure Costs and Governance. He also presents some practical techniques he uses to manage some of the most important tasks in Azure using Microsoft Excel, and advanced ideas for developers to combine these tools with Azure.

1. Azure Governance unleashed
Integration Monday
Speaker: Nino Crudele
nino.crudele@live.com

2. This is and interactive session

3. About Me
• I am a freelance (Consulting focus on Azure
Governance and Cybersecurity)
• Global Azure Lead @Hexagon
• Microsoft Azure MVP since 2006
• Certified Ethical Hacker (CEH)
• Blogger and IT community contributor
• Hacker and Security Alchemist
• Skateboarder for life nino.crudele@live.com

4. About you
• How many of you are using Azure?
• How many of you are working in the governance area
• How many of you are working in the infrastructure area?
• How many of you are working in the development area?
• How many of you are working in the management area?
• Any big doubt you would like to cover in this session?

5. My story

6. A brief introduction about Hexagon
•Global company
•Working in many sectors
•Several Azure EA and subscriptions
•Many different internal realities
•Many different departments and projects

7. Some of my first tasks
• Who is using Azure and for what?
• Are we using Azure correctly?
• Provide internal best practices
• Provide a consolidate internal cost management.
• Recharge departments.
• Provide a cost strategy and practice.
• How to save costs?
• Organize and skill the internal teams
• Create internal policies for Azure
• Create security strategy
• Provide 360 support and advices

9. What you will learn todayWe know what is
best for you!
We work in
Azure since the
1990!

10. You don’t know a damn
thing about Azure!

12. Organise resources
(Human and Technical)

13. Human- Organization & teams
CEO
CFO-CIO-
CTO
IT – SOC- DEV
Internal and Microsoft
support
Users - Customers

14. Microsoft Engagement
EA/Account
Portal
Azure AD
account.omnimicrosoft.com
RBAC

15. Management Group
• A container for Subscriptions
• Root is the default one
• The Root is tied to the Tenant
• A must in enterprise scenarios

16. Subscription
• It is a business contract
• Tied to the tenant
• A great costs container
• Separated for the others subs
• Microsoft invoices on subscription

17. Resource Group
• It is a namespace in subscription
• Togroupresources
• Great to organise resources
• Only option to manage costs
in single subscription (+Tags)

18. Dependencies

19. Naming standards

20. Costs

21. Costs
Enterprise Company
Azure EA
Small Business
(Single subscription)
Use SubscriptionsUse RG and Tags

22. Costs
• Power BI
• Cost Management Portal
• API Consumption
• Third party products
(SoftwareONE Italia- Alessandro Colasanti)

23. Negotiation and Discount

24. Am I spending to much?
Why in US they look so
happy?

25. The Price Sheet

26. EA Portal

27. Policies

28. Prevention with Policies

29. Network

30. Internet
Latency

31. The Backbone

32. Network optimization
•EXPRESSROUTE to join the Backbone
•TCPIP compression – for example
Riverbed
•Content Delivery Network (CDN)

33. Connect
from
On-premise

34. Cybersecurity

35. Most critical areas
Azure AD+RBAC
Privileged
escalation
Storage
Phishing
Ransomware
Network
DDOS
RDP / SSH

36. Shodan

37. Internal SOC
Organise internal challenges

38. Kali

39. Parrot

40. Azure AD and RBAC

41. Microsoft Engagement
EA/Account
Portal
Azure AD
account.omnimicrosoft.com
RBAC

42. Management
Group
Resource
Group 1
Subscription
VMs/Apps/DBs
Main tenant provided by Microsoft
Tenant
The root management group is tied to the main Tenant
Root
All the sub management groups depends by
the Root management group
The subscription is contract tied to the Tenant and contained
in a management group (in the Root at the first time)
A namespace to organise the resources
The resource is a single logical entity in the resource group
Dependencies

43. Authentication and
Authorization
Weakness

44. Automation
• Blueprint
• Azure DevOps
• Terraform

45. Questions

46. Thank you