AZ-801: Configuring Windows Server Hybrid Advanced Services

Descripción del curso: AZ-801: Configuring Windows Server Hybrid Advanced Services

En este curso se enseña a los profesionales de TI a configurar servicios avanzados de Windows Server mediante tecnologías locales, híbridas y en la nube. En el curso se enseña a los profesionales de TI a aprovechar las capacidades híbridas de Azure, cómo migrar cargas de trabajo de servidores físicos y virtuales a IaaS de Azure y cómo proteger las máquinas virtuales de Azure que ejecutan Windows Server. También se enseña a los profesionales de TI a realizar tareas relacionadas con la alta disponibilidad, la solución de problemas y la recuperación ante desastres. Se resaltan herramientas y tecnologías administrativas, entre las que se incluyen Windows Admin Center, PowerShell, Azure Arc, Azure Automation Update Management, Microsoft Defender for Identity, Azure Security Center, Azure Migrate y Azure Monitor.


Perfil del público

Este curso de cuatro días está destinado a los administradores híbridos de Windows Server que tienen experiencia con Windows Server y desean ampliar las funcionalidades de sus entornos locales combinando tecnologías locales e híbridas. Los administradores híbridos de Windows Server que ya implementan y administran tecnologías básicas locales quieren proteger sus entornos, migrar cargas de trabajo virtuales y físicas a IaaS de Azure, habilitar un entorno totalmente redundante de alta disponibilidad y realizar la supervisión y la resolución de problemas.


Elementos de esta colección

  • Protección de cuentas de usuario de Windows Server
  • Protección de Windows Server
  • Administrar actualizaciones de Windows Server
  • Secure Windows Server DNS
  • Implementación de seguridad de red de VM de IaaS de Windows Server
  • Auditoría de la seguridad de máquinas virtuales de IaaS de Windows Server
  • Administración de las actualizaciones de Azure
  • Creación e implementación de listas de aplicaciones permitidas con controles de aplicaciones adaptables
  • Configuración del cifrado de disco de BitLocker para máquinas virtuales de IaaS de Windows
  • Implementación del seguimiento de cambios y la supervisión de la integridad de archivos para máquinas virtuales IaaS de Windows
  • Introducción a los volúmenes compartidos de clúster
  • Implementación de clústeres de conmutación por error de Windows Server
  • Implementar la alta disponibilidad de las máquinas virtuales de Windows Server
  • Implementar alta disponibilidad del servidor de archivos de Windows Server
  • Implementación de escala y alta disponibilidad con máquinas virtuales de Windows Server
  • Implementación de la réplica de Hyper-V
  • Proteger su infraestructura local ante desastres con Azure Site Recovery
  • Implementación de copia de seguridad y recuperación híbridas con Windows Server IaaS
  • Protección de la infraestructura de Azure con Azure Site Recovery
  • Protección de las máquinas virtuales con Azure Backup
  • Migración a Active Directory Domain Services
  • Migración de cargas de trabajo de servidor de archivos mediante el servicio de migración de almacenamiento
  • Migración de roles de Windows Server
  • Migración de instancias locales de Windows Server a máquinas virtuales de IaaS de Azure
  • Actualización y migración de máquinas virtuales de IaaS de Windows Server
  • Contenedorización y migración de aplicaciones ASP.NET a Azure App Service
  • Supervisión del rendimiento de Windows Server
  • Administración y supervisión de registros de eventos de Windows Server
  • Implementación de auditorías y diagnósticos de Windows Server
  • Solución de problemas de Active Directory
  • Supervisión de instancias híbridas y máquinas virtuales de Windows Server IaaS
  • Supervisión del estado de la máquina virtual de Azure mediante alertas del explorador de métricas de Azure y alertas de métricas
  • Supervisión del rendimiento de las máquinas virtuales mediante Azure Monitor - VM Insights
  • Solución de problemas de redes locales e híbridas
  • Solución de problemas en máquinas virtuales con Windows Server en Azure


Esquema del curso

Module 1: Windows Server security

This module discusses how to protect an Active Directory environment by securing user accounts to least privilege and placing them in the Protected Users group. The module covers how to limit authentication scope and remediate potentially insecure accounts. The module also describes how to harden the security configuration of a Windows Server operating system environment. In addition, the module discusses the use of Windows Server Update Services to deploy operating system updates to computers on the network. Finally, the module covers how to secure Windows Server DNS to help protect the network name resolution infrastructure.

Lesson

  • Secure Windows Sever user accounts
  • Hardening Windows Server
  • Windows Server Update Management
  • Secure Windows Server DNS

Lab : Configuring security in Windows Server

  • Configuring Windows Defender Credential Guard
  • Locating problematic accounts
  • Implementing LAPS

After completing this module, students will be able to:

  • Diagnose and remediate potential security vulnerabilities in Windows Server resources.
  • Harden the security configuration of the Windows Server operating system environment.
  • Deploy operating system updates to computers on a network by using Windows Server Update Services.
  • Secure Windows Server DNS to help protect the network name resolution infrastructure.
  • Implement DNS policies.

Module 2: Implementing security solutions in hybrid scenarios

This module describes how to secure on-premises Windows Server resources and Azure IaaS workloads. The module covers how to improve the network security for Windows Server infrastructure as a service (IaaS) VMs and how to diagnose network security issues with those VMs. In addition, the module introduces Azure Security Center and explains how to onboard Windows Server computers to Security Center. The module also describes how to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for Azure VMs. The module explains how Adaptive application controls and BitLocker disk encryption are used to protect Windows Server IaaS VMs. Finally, the module explains how to monitor Windows Server Azure IaaS VMs for changes in files and the registry, as well as monitoring modifications made to application software.

Lesson

  • Implement Windows Server IaaS VM network security.
  • Audit the security of Windows Server IaaS Virtual Machines
  • Manage Azure updates
  • Create and implement application allowlists with adaptive application control
  • Configure BitLocker disk encryption for Windows IaaS Virtual Machines
  • Implement change tracking and file integrity monitoring for Windows Server IaaS VMs

Lab : Using Azure Security Center in hybrid scenarios

  • Provisioning Azure VMs running Windows Server
  • Configuring Azure Security Center
  • Onboarding on-premises Windows Server into Azure Security Center
  • Verifying the hybrid capabilities of Azure Security Center
  • Configuring Windows Server security in Azure VMs

After completing this module, students will be able to:

  • Diagnose network security issues in Windows Server IaaS virtual machines.
  • Onboard Windows Server computers to Azure Security Center.
  • Deploy and manage updates for Azure VMs by enabling Azure Automation Update Management.
  • Implement Adaptive application controls to protect Windows Server IaaS VMs.
  • Configure Azure Disk Encryption for Windows IaaS VMs.
  • Back up and recover encrypted data.
  • Monitor Windows Server Azure IaaS VMs for changes in files and the registry.

Module 3: Implementing high availability

This module describes technologies and options to create a highly available Windows Server environment. The module introduces Clustered Shared Volumes for shared storage access across multiple cluster nodes. The module also highlights failover clustering, stretch clusters, and cluster sets for implementing high availability of Windows Server workloads. The module then discusses high availability provisions for Hyper-V and Windows Server VMs, such as network load balancing, live migration, and storage migration. The module also covers high availability options for shares hosted on Windows Server file servers. Finally, the module describes how to implement scaling for virtual machine scale sets and load balanced VMs, and how to implement Azure Site Recovery.

Lesson

  • Introduction to Cluster Shared Volumes.
  • Implement Windows Server failover clustering.
  • Implement high availability of Windows Server VMs.
  • Implement Windows Server File Server high availability.
  • Implement scale and high availability with Windows Server VMs.

Lab : Implementing failover clustering

  • Configuring iSCSI storage
  • Configuring a failover cluster
  • Deploying and configuring a highly available file server
  • Validating the deployment of the highly available file server

After completing this module, students will be able to:

  • Implement highly available storage volumes by using Clustered Share Volumes.
  • Implement highly available Windows Server workloads using failover clustering.
  • Describe Hyper-V VMs load balancing.
  • Implement Hyper-V VMs live migration and Hyper-V VMs storage migration.
  • Describe Windows Server File Server high availablity options.
  • Implement scaling for virtual machine scale sets and load-balanced VMs.
  • Implement Azure Site Recovery.

Module 4: Disaster recovery in Windows Server

This module introduces Hyper-V Replica as a business continuity and disaster recovery solution for a virtual environment. The module discusses Hyper-V Replica scenarios and use cases, and prerequisites to use it. The module also discusses how to implement Azure Site Recovery in on-premises scenarios to recover from disasters.

Lesson

  • Implement Hyper-V Replica
  • Protect your on-premises infrastructure from disasters with Azure Site Recovery

Lab : Implementing Hyper-V Replica and Windows Server Backup

  • Implementing Hyper-V Replica
  • Implementing backup and restore with Windows Server Backup

After completing this module, students will be able to:

  • Describe Hyper-V Replica, pre-requisites for its use, and its high-level architecture and components
  • Describe Hyper-V Replica use cases and security considerations.
  • Configure Hyper-V Replica settings, health monitoring, and failover options.
  • Describe extended replication.
  • Replicate, failover, and failback virtual machines and physical servers with Azure Site Recovery.

Module 5: Implementing recovery services in hybrid scenarios

This module covers tools and technologies for implementing disaster recovery in hybrid scenarios, whereas the previous module focuses on BCDR solutions for on-premises scenarios. The module begins with Azure Backup as a service to protect files and folders before highlighting how to implement Recovery Vaults and Azure Backup Policies. The module describes how to recover Windows IaaS virtual machines, perform backup and restore of on-premises workloads, and manage Azure VM backups. The module also covers how to provide disaster recovery for Azure infrastructure by managing and orchestrating replication, failover, and failback of Azure virtual machines with Azure Site Recovery.

Lesson

  • Implement hybrid backup and recovery with Windows Server IaaS
  • Protect your Azure infrastructure with Azure Site Recovery
  • Protect your virtual machines by using Azure Backup

Lab : Implementing Azure-based recovery services

  • Implementing the lab environment
  • Creating and configuring an Azure Site Recovery vault
  • Implementing Hyper-V VM protection by using Azure Site Recovery vault
  • Implementing Azure Backup

After completing this module, students will be able to:

  • Recover Windows Server IaaS virtual machines by using Azure Backup.
  • Use Azure Backup to help protect the data for on-premises servers and virtualized workloads.
  • Implement Recovery Vaults and Azure Backup policies.
  • Protect Azure VMs with Azure Site Recovery.
  • Run a disaster recovery drill to validate protection.
  • Failover and failback Azure virtual machines.

Module 6: Upgrade and migrate in Windows Server

This module discusses approaches to migrating and updating Windows Server workloads running in earlier versions of Windows Server. The module covers the necessary strategies needed to move domain controllers to Windows Server 2022 and describes how the Active Directory Migration Tool can consolidate domains within a forest or migrate domains to a new AD DS forest. The module also discusses the use of Storage Migration Service to migrate files and files shares from existing file servers to new servers running Windows Server 2022. Finally, the module covers how to install and use the Windows Server Migration Tools cmdlets to migrate commonly used server roles from earlier versions of Windows Server.

Lesson

  • Active Directory Domain Services migration
  • Migrate file server workloads using Storage Migration Service
  • Migrate Windows Server roles

Lab : Migrating Windows Server workloads to IaaS VMs

  • Deploying AD DS domain controllers in Azure
  • Migrating file server shares by using Storage Migration Service
  • After completing this module, students will be able to:
  • Compare upgrading an AD DS forest and migrating to a new AD DS forest.
  • Describe the Active Directory Migration Tool (ADMT).
  • Identify the requirements and considerations for using Storage Migration Service.
  • Describe how to migrate a server with storage migration.
  • Use the Windows Server Migration Tools to migrate specific Windows Server roles.

Module 7: Implementing migration in hybrid scenarios

This module discusses approaches to migrating workloads running in Windows Server to an infrastructure as a service (IaaS) virtual machine. The module introduces using Azure Migrate to assess and migrate on-premises Windows Server instances to Microsoft Azure. The module also covers how migrate a workload running in Windows Server to an infrastructure as a service (IaaS) virtual machine (VM) and to Windows Server 2022 by using Windows Server migration tools or the Storage Migration Service. Finally, this module describes how to use the Azure Migrate App Containerization tool to containerize and migrate ASP.NET applications to Azure App Service.

Lesson

  • Migrate on-premises Windows Server instances to Azure IaaS virtual machines
  • Upgrade and migrate Windows Server IaaS virtual machines
  • Containerize and migrate ASP.NET applications to Azure App Service

Lab : Migrating on-premises VMs servers to IaaS VMs

  • Implementing assessment and discovery of Hyper-V VMs using Azure Migrate
  • Implementing migration of Hyper-V workloads using Azure Migrate
  • After completing this module, students will be able to:
  • Plan a migration strategy and choose the appropriate migration tools.
  • Perform server assessment and discovery using Azure Migrate.
  • Migrate Windows Server workloads to Azure VM workloads using Azure Migrate.
  • Explain how to migrate workloads using Windows Server Migration tools.
  • Migrate file servers by using the Storage Migration Service.
  • Discover and containerize ASP.NET applcations running on Windows.
  • Migrate a containerized application to Azure App Service.

Module 8: Server and performance monitoring in Windows Server

This module introduces a range of tools to monitor the operating system and applications on a Windows Server computer as well as describing how to configure a system to optimize efficiency and to troubleshoot problems. The module covers how Event Viewer provides a convenient and accessible location for observing events that occur, and how to interpret the data in the event log. The module also covers how to audit and diagnose a Windows Server environment for regulatory compliance, user activity, and troubleshooting. Finally, the module explains how to troubleshoot AD DS service failures or degraded performance, including recovery of deleted objects and the AD DS database, and how to troubleshoot hybrid authentication issues.

Lesson

  • Monitor Windows Server performance
  • Manage and monitor Windows Server event logs
  • Implement Windows Server auditing and diagnostics
  • Troubleshoot Active Directory

Lab : Monitoring and troubleshooting Windows Server

  • Establishing a performance baseline
  • Identifying the source of a performance problem
  • Viewing and configuring centralized event logs

After completing this module, students will be able to:

  • Explain the fundamentals of server performance tuning.
  • Use built-in tools in Windows Server to monitor server performance.
  • Use Server Manager and Windows Admin Center to review event logs.
  • Implement custom views.
  • Configure an event subscription.
  • Audit Windows Server events.
  • Configure Windows Server to record diagnostic information.
  • Recover the AD DS database and objects in AD DS.
  • Troubleshoot AD DS replication.
  • Troubleshoot hybrid authentication issues.

Module 9: Implementing operational monitoring in hybrid scenarios

This module covers using monitoring and troubleshooting tools, processes, and best practices to streamline app performance and availability of Windows Server IaaS VMs and hybrid instances. The module describes how to implement Azure Monitor for IaaS VMs in Azure, implement Azure Monitor in on-premises environments, and use dependency maps. The module then explains how to enable diagnostics to get data about a VM, view VM metrics in Azure Metrics Explorer, and create a metric alert to monitor VM performance. The module then covers how to monitor VM performance by using Azure Monitor VM Insights. The module then describes various aspects of troubleshooting on premises and hybrid network connectivity, including how to diagnose common issues with DHCP, name resolution, IP configuration, and routing. Finally, the module examines how to troubleshoot configuration issues that impact connectivity to Azure-hosted Windows Server virtual machines (VMs), as well as approaches to resolve issues with VM startup, extensions, performance, storage, and encryption.

Lesson

  • Monitor Windows Server IaaS Virtual Machines and hybrid instances
  • Monitor the health of your Azure virtual machines by using Azure Metrics Explorer and metric alerts
  • Monitor performance of virtual machines by using Azure Monitor VM Insights
  • Troubleshoot on-premises and hybrid networking
  • Troubleshoot Windows Server Virtual Machines in Azure

Lab : Monitoring and troubleshooting of IaaS VMs running Windows Server

  • Enabling Azure Monitor for virtual machines
  • Setting up a VM with boot diagnostics
  • Setting up a Log Analytics workspace and Azure Monitor VM Insights

After completing this module, students will be able to:

  • Implement Azure Monitor for IaaS VMs in Azure and in on-premises environments.
  • Implement Azure Monitor for IaaS VMs in Azure and in on-premises environments.
  • View VM metrics in Azure Metrics Explorer.
  • Use monitoring data to diagnose problems.
  • Evaluate Azure Monitor Logs and configure Azure Monitor VM Insights.
  • Configure a Log Analytics workspace.
  • Troubleshoot on-premises connectivity and hybrid network connectivity.
  • Troubleshoot AD DS service failures or degraded performance.
  • Recover deleted security objects and the AD DS database.
  • Troubleshoot hybrid authentication issues.


Requisitos previos

Antes de asistir a este curso, los estudiantes deben tener:

  • Experiencia en la administración del sistema operativo Windows Server y las cargas de trabajo de Windows Server en escenarios locales, incluidos AD DS, DNS, DFS, Hyper-V y servicios de almacenamiento y archivos.
  • Experiencia con las herramientas de administración comunes de Windows Server (implícito en el primer requisito previo).
  • Conocimientos básicos de las tecnologías básicas de proceso, almacenamiento, redes y virtualización de Microsoft (implícito en el primer requisito previo).
  • Experiencia y comprensión de las principales tecnologías de red, como el direccionamiento IP, la resolución de nombres y el Protocolo de configuración dinámica de host (DHCP).
  • Experiencia trabajando y comprensión de Microsoft Hyper-V y conceptos básicos de virtualización de servidores.
  • Conocimiento de los procedimientos recomendados de seguridad básicos.
  • Conocimientos básicos de las tecnologías relacionadas con la seguridad (firewalls, cifrado, autenticación multifactor, SIEM/SOAR).
  • Conocimientos básicos de las tecnologías de proceso y almacenamiento basadas en Windows Server de resistencia local (clústeres de conmutación por error, espacios de almacenamiento).
  • Experiencia básica en la implementación y administración de servicios de IaaS en Microsoft Azure
  • Conocimientos básicos de Azure Active Directory
  • Experiencia trabajando de manera práctica con los sistemas operativos cliente de Windows, como Windows 10 o Windows 11
  • Experiencia básica con Windows PowerShell.


Comprensión de los siguientes conceptos relacionados con las tecnologías de Windows Server:

  • Alta disponibilidad y recuperación ante desastres
  • Automatización
  • Supervisión
  • Solución de problemas


Idioma

  • Curso: Inglés

  • Labs: Inglés

€695.00

Información relacionada a la formación

Soporte siempre a tu lado

Soporte de formación: Siempre a tu lado

Formación presencial y telepresencial

¿Necesitas otra modalidad formativa?

bonificaciones

Bonificaciones para empresas