Azure Sovereign Controls
Explains how to implement sovereign controls in Azure using policies for data residency, encryption, and confidential computing.
Roelf Zomerman is a Microsoft Cloud Solution Architect and Certified Master specializing in Azure, Active Directory, and complex enterprise infrastructures.
16 articles from this blog
Explains how to implement sovereign controls in Azure using policies for data residency, encryption, and confidential computing.
Analyzes hardware differences between hyperscale cloud providers (AWS, Azure) and smaller cloud providers, focusing on custom silicon and security.
Explains and compares the four primary disk encryption options for Azure Virtual Machines, detailing their underlying architectures and use cases.
A guide to deploying Azure Confidential VMs with memory encryption, including a PowerShell script to automate the setup process.
Explores Client-Side Encryption (CSE) and its role in data security, comparing it to server-side methods and discussing its advantages and security considerations.
Compares External Key Store and Azure Managed HSM for secure cryptographic key storage and management in cloud environments.
Explains modern cloud disaster recovery and resilience using Availability Zones, contrasting with legacy data center approaches.
Two PowerShell scripts for migrating Azure VMs, VMSS, disks, and NICs between availability zones or from regional to zonal deployment.
A guide and script for converting existing Azure Virtual Network Gateways to zone-redundant or zonal configurations to leverage Availability Zones.
Explains how to use Microsoft's API and a PowerShell script to check Azure Availability Zone mappings between different subscriptions for deployment planning.
A technical guide on configuring BGP filters on Juniper SRX devices to control route advertisements, specifically for an Anycast DNS setup.
Explains using an LDAP Proxy with AD LDS to authenticate legacy applications during Active Directory migrations without rewriting them.
Explains how to migrate Active Directory groups between forests using ADMT and Azure AD Connect while maintaining Azure AD links via specific GUID attributes.
Discusses when to create new Azure subscriptions vs. consolidating workloads, focusing on security and management best practices.
Explains how to use DNS Anycast with BGP to simplify Active Directory DNS client configuration across multiple sites and domain controllers.
Guide to deploying Microsoft SQL Server containers in Azure Kubernetes Service (AKS) on Azure Stack HCI, covering persistent volume configuration.