Aidan Finn is a Microsoft Azure MVP with nearly three decades of experience in IT, specializing in Microsoft infrastructure, cloud architecture, and secure Azure solutions. Through his company Cloud Mechanix, he delivers real-world training and consulting based on hands-on experience, and regularly shares independent, opinionated insights with the global Microsoft community.
26 articles from this blog
Argues against using Azure Virtual WAN for SD-WAN implementations, citing complexity and limitations, and suggests alternative network architectures.
A guide to troubleshooting and tracing network packets in Microsoft Azure environments, covering common scenarios like RDP, PaaS, SSL, and complex routing.
A technical case study on diagnosing and troubleshooting a persistent RDP connection issue to an Azure VM, exploring both platform and guest OS causes.
Analysis of Azure's new Virtual Network Routing Appliance preview, questioning its purpose and target audience in typical Azure networks.
Explains how to use Azure Policy to automatically enable Virtual Network Flow Logs across many VNets for security and troubleshooting.
A Microsoft MVP reflects on receiving his 18th award, his career shift to focus on his Azure training company, and his work in Azure networking.
A guide to implementing a hub-and-spoke network architecture using Azure Virtual Network Manager for connectivity, security, and standardization.
A discussion on Azure networking fundamentals, challenging the common understanding of Azure Virtual Networks and explaining common misconceptions.
Analyzes the geopolitical risks for European organizations using American cloud services (AWS, Azure, GCP) due to declining trans-Atlantic trust.
A guide to planning and designing a hub and spoke cloud network architecture, focusing on principles like resilience, micro-segmentation, and cost management.
A guide to designing a hub virtual network for a secure hub & spoke architecture in Microsoft Azure, focusing on core principles and functions.
Explains why traditional DMZ and secure zone network designs offer little security in Azure, advocating for modern micro-segmentation approaches.
Explains the critical role of micro-segmentation in Azure network security, using analogies and Microsoft's zero-trust principles to advocate for proactive defense.
A deep dive into Azure Route Table planning, comparing 1:N vs 1:1 subnet associations and recommending a granular, automated approach.
Explains the layers of routing in Azure networking, debunking common misconceptions and detailing how NICs act as routers.
Explains why routing is critical for security in Azure networks and how misconfigurations can bypass firewalls.
Explains why traditional subnet logic doesn't apply in Azure and how to design secure network segmentation using NSGs instead.
Explains a critical security misconception in Azure Network Security Groups: the 'VirtualNetwork' default rule allows traffic from more sources than expected, creating a vulnerability.
Explains how Azure Network Security Groups (NSGs) work, tracing their origins to Hyper-V Port ACLs and covering Admin Rules.
Explores Azure's disaster recovery features for when an entire region is destroyed, covering availability zones, paired regions, and resilience strategies.
