Tutorial / Cram Notes
Azure Network Watcher is a suite of tools that provides network monitoring, diagnostic, and visualization capabilities to network administrators for their Azure resources. Considering the AZ-104 Microsoft Azure Administrator exam, understanding how to utilize Azure Network Watcher is vital for managing and troubleshooting an organization’s network infrastructure within Azure.
Features of Azure Network Watcher
Azure Network Watcher offers several features helpful for network troubleshooting and management:
- Topology: Visualizes the network resource topology within a Virtual Network.
- IP Flow Verify: Checks if a packet is allowed or denied to or from a virtual machine.
- Next Hop: Determines the next hop for packets sent from a VM.
- Connection Monitor: Monitors communication at a regular interval on a network.
- Network Performance Monitor (NPM): Detects network issues like traffic blackholing and network route analysis.
- Connection Troubleshoot: Diagnoses problems at the network level that affect service-level agreements (SLAs).
- Packet Capture: Captures traffic to and from a VM.
- Security Group View: Gets the effective security rules that are applied to a VM.
- NSG Flow Logging: Logs information about ingress and egress IP traffic through a Network Security Group (NSG).
Scenario-Based Examples
Here are some ways Azure Network Watcher can be used to solve common network issues faced by Azure Administrators:
Scenario 1: Monitoring Network Communication
Task: You need to monitor ongoing communication between two VMs to ensure compliance with the SLAs.
Solution with Azure Network Watcher:
- Step: Use the Connection Monitor feature to create monitoring profiles for the virtual machines.
- Step: Review the performance data and logs to ensure the required communication performance is met.
Scenario 2: Diagnosing a Connectivity Issue
Task: VMs within a virtual network are experiencing connectivity issues with an external endpoint.
Solution with Azure Network Watcher:
- Step: Utilize IP Flow Verify to check whether traffic is allowed or denied by the network security group rules.
- Step: Run NSG Flow Logging to analyze traffic logs and identify if the NSGs are misconfigured.
- Step: If the NSGs are configured correctly, use the Next Hop feature to determine the next network hop the traffic takes.
Scenario 3: Packet-Level Analysis
Task: A network administrator needs to capture and analyze network traffic from a production VM for diagnostic purposes.
Solution with Azure Network Watcher:
- Step: Use the Packet Capture feature to capture traffic to or from the VM.
- Step: Analyze the resulting capture file with tools like Wireshark to diagnose issues.
Scenario 4: Visualizing Network Structure
Task: An admin has to visualize the network topology for compliance checks.
Solution with Azure Network Watcher:
- Step: Access the Topology feature within Network Watcher to visualize and document the network resources and their relationships.
Comparison Table of Some Azure Network Watcher Features
| Feature | Purpose | Example Use Case |
|---|---|---|
| Topology | Visualizes network topology | Mapping the network to understand resource interactions |
| IP Flow Verify | Verifies packet allow/deny status | Debugging communication issues to a VM |
| Next Hop | Finds next hop for traffic | Resolving network routing problems |
| Connection Monitor | Monitors network connectivity | Ensuring SLAs for network performance are met |
| NSG Flow Logging | Logs NSG traffic data | Auditing and analyzing network traffic through NSGs |
Conclusion
By mastering the use of Azure Network Watcher’s tools, Azure Administrators can effectively monitor, diagnose, and visualize network-related issues, ensuring that cloud resources maintain optimal performance and security. This knowledge is instrumental for the AZ-104 exam as it demonstrates the practical application of Azure Network management and troubleshooting.
Practice Test with Explanation
Azure Network Watcher is a service that helps monitor and diagnose conditions at a network scenario level in Azure. (True/False)
- True
Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network.
Network Security Group (NSG) flow logs can be configured through Azure Network Watcher. (True/False)
- True
NSG flow logs are a feature of Network Watcher that allows you to view information about ingress and egress IP traffic through an NSG.
To view the topology of your virtual network in Azure, which feature of Azure Network Watcher should you use?
- A. NSG Flow Logs
- B. IP Flow Verify
- C. Topology
- D. Connection Monitor
Answer: C. Topology
The Topology feature enables you to view the network topology within a virtual network, subnet, or resource group.
The Connection Troubleshoot feature in Azure Network Watcher can be used to diagnose problems with on-premises connectivity. (True/False)
- False
Connection Troubleshoot is designed to diagnose connectivity issues from VMs in Azure to other Azure VMs, FQDNs, URIs, and IPv4 addresses. It does not diagnose on-premises connectivity issues.
Which feature of Azure Network Watcher allows you to verify whether packets are allowed or denied to or from a virtual machine?
- A. NSG Flow Logs
- B. IP Flow Verify
- C. Connection Monitor
- D. Traffic Analytics
Answer: B. IP Flow Verify
IP Flow Verify checks if packets are allowed or denied to or from a VM based on the effective security rules.
Azure Network Watcher’s VPN Diagnostics feature only supports troubleshooting of Azure VPN Gateway. (True/False)
- False
VPN Diagnostics can support troubleshooting of Azure VPN Gateway and third-party VPN connections as well.
Which tool in Azure Network Watcher can be used to capture packets to and from a virtual machine network interface?
- A. Connection Monitor
- B. Packet Capture
- C. Connection Troubleshoot
- D. VPN Diagnostics
Answer: B. Packet Capture
Packet Capture allows you to create capture sessions to track traffic to and from a VM.
What is the purpose of the Network Performance Monitor (NPM) feature in Azure Network Watcher?
- A. To visualize network topologies
- B. To check for potential security rule breaches
- C. To monitor network performance and detect network issues
- D. To capture network traffic for analysis
Answer: C. To monitor network performance and detect network issues
NPM is a cloud-based network performance monitoring solution that monitors network performance and detects network issues.
Traffic Analytics in Azure Network Watcher provides insights into which aspect of the network traffic?
- A. Origins and destinations of traffic
- B. Applications generating the traffic
- C. User traffic volume
- D. All of the above
Answer: D. All of the above
Traffic Analytics is a cloud-based solution that provides visibility into user and application activity in the network, including the origins and destinations of traffic.
Azure Network Watcher’s Connection Monitor can be used to monitor the performance of service endpoints. (True/False)
- True
Connection Monitor tracks and monitors the performance of service endpoints, network connections, and overall network health.
What should you use to test DNS resolution and Internet connectivity from within Azure to outside services?
- A. Connection Monitor
- B. Network Performance Monitor
- C. Connection Troubleshoot
- D. Network Configuration Diagnostic
Answer: A. Connection Monitor
Connection Monitor can be used to test DNS resolution and Internet connectivity as part of its network performance monitoring features.
Is it possible to automate responses to specific findings in Azure Network Watcher using Azure Logic Apps?
- A. Only through the Azure portal
- B. Yes, using Azure Logic Apps
- C. No, Azure Network Watcher does not support automation
- D. Only through third-party automation tools
Answer: B. Yes, using Azure Logic Apps
You can integrate Azure Network Watcher with Azure Logic Apps to automate responses to certain findings or alerts.
Interview Questions
What is Azure Network Watcher?
Azure Network Watcher is a monitoring and diagnostic service provided by Microsoft Azure that enables network performance monitoring, packet capture, flow log analysis, and diagnostic tools for virtual networks in Azure.
What are the different monitoring options available in Azure Network Watcher?
Azure Network Watcher provides the following monitoring options 1. Topology 2. Connection Monitor 3. Packet Capture 4. IP Flow Verify 5. Next Hop 6. Security Group View 7. Log Analytics
What is Topology in Azure Network Watcher?
Topology in Azure Network Watcher provides a graphical representation of network topology for virtual networks, including the relationships between resources and the number of hops between them.
What is Connection Monitor in Azure Network Watcher?
Connection Monitor is a feature in Azure Network Watcher that enables you to monitor network connections between resources in your virtual network and diagnose connectivity issues.
What is Packet Capture in Azure Network Watcher?
Packet Capture is a feature in Azure Network Watcher that enables you to capture network traffic between virtual machines in your virtual network and diagnose connectivity issues.
What is IP Flow Verify in Azure Network Watcher?
IP Flow Verify is a feature in Azure Network Watcher that enables you to validate the path that network traffic takes between two endpoints in your virtual network.
What is Next Hop in Azure Network Watcher?
Next Hop is a feature in Azure Network Watcher that enables you to diagnose connectivity issues by determining the next hop for network traffic from a source to a destination.
What is Security Group View in Azure Network Watcher?
Security Group View is a feature in Azure Network Watcher that provides a graphical view of security group rules and the resources that they apply to.
What is Log Analytics in Azure Network Watcher?
Log Analytics is a feature in Azure Network Watcher that enables you to collect, analyze, and act on data generated by your virtual network.
Can I use Azure Network Watcher to monitor a network deployed outside Azure?
No, Azure Network Watcher is designed to monitor only virtual networks deployed within the Azure cloud platform.
What is the cost of using Azure Network Watcher?
Azure Network Watcher is a paid service and the cost varies based on the amount of data stored and the number of resources being monitored.
Is Azure Network Watcher available in all Azure regions?
No, Azure Network Watcher is not available in all Azure regions. You can check the availability of Azure Network Watcher in your region by visiting the Azure Services by Region page.
How do I enable Azure Network Watcher?
Azure Network Watcher is a preconfigured service in the Azure portal. You can enable it by navigating to the Network Watcher blade in the Azure portal and selecting the virtual network you want to monitor.
Can I use Azure Network Watcher with other Azure monitoring services?
Yes, Azure Network Watcher can be used in conjunction with other Azure monitoring services such as Azure Monitor, Azure Log Analytics, and Azure Application Insights.
How can I get support for Azure Network Watcher?
You can get support for Azure Network Watcher by visiting the Azure Support Center or by contacting Microsoft Azure Support.
Great post on using Azure Network Watcher! It’s incredibly useful for monitoring your network.
Can someone explain how Network Watcher helps with packet capture?
This is exactly what I needed for my AZ-104 preparation. Thanks!
I’m having issues enabling Network Watcher in my region. Any tips?
Thanks for sharing this! Helped me understand NSG flow logs.
I find the troubleshooting tools very effective!
For me, the topology feature is a game-changer.
Can anyone guide me through using connection troubleshoot in Network Watcher?