Troubleshooting with Microsoft Azure Network Watcher

Microsoft now gives you packet-level access to your Windows Server and Linux virtual machines (VMs) running in Azure. You'll learn how to use Network Watcher to troubleshoot network security groups (NSGs), perform packet captures, and much more.
Course info
Level
Intermediate
Updated
Oct 31, 2017
Duration
2h 12m
Table of contents
Description
Course info
Level
Intermediate
Updated
Oct 31, 2017
Duration
2h 12m
Description

IT ops professionals often require packet-level access to network traffic in order to perform troubleshooting and performance optimization. In this course, Troubleshooting with Microsoft Azure Network Watcher, you'll learn how to use every tool in this new Microsoft Azure feature. First, you'll discover how to enable Network Watcher in your home Azure regions. Next, you'll explore how to use Network Watcher to trace routing paths, troubleshoot NSGs, and test connectivity to and from your VMs running in Azure. Finally, you'll learn how to perform packet captures with Network Watcher and visualize the capture data with open-source software. When you're finished with this course, you'll have the skills and knowledge to analyze your Azure IaaS resources deeply and effectively.

About the author
About the author

Timothy Warner is a Microsoft Most Valuable Professional (MVP) in Cloud and Datacenter Management who is based in Nashville, TN.

More from the author
Managing Public Networking in Microsoft Azure
Intermediate
1h 11m
14 Sep 2018
Connecting Microsoft Azure Virtual Networks
Intermediate
1h 2m
14 Sep 2018
More courses by Tim Warner
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello everyone and welcome to my course Troubleshooting with Microsoft Azure Network Watcher. My name is Tim Warner and I'm a full-time author with Pluralsight and a Microsoft MVP and cloud in data center management. This course covers every feature in Azure Network Watcher. Network Watcher is a free feature that gives you tools to visualize your Azure network communications at a granular level. Some of the major topics that we'll cover include understanding how Network Watcher can help you, testing network security groups, testing connectivity to your VMs in Azure, analyzing network traffic in Azure, and performing deeper diagnostics and visualization. By the end of this course you'll be able to perform deep analysis of your Azure virtual networks and software defined networking resources. Before beginning the course, you should be familiar with TCPIP inner networking and Azure Networking Stack deployment and configuration. From here you should feel more confident tuning and troubleshooting Azure network resources. If you want to pursue more general Azure networking training, see our course Implementing Microsoft Azure Networking. I hope you'll join me on this journey to master Microsoft Azure Network Maintenance with the Troubleshooting with Microsoft Azure Network Watcher course from Pluralsight.

Let Network Watcher Help You
Hello there and welcome to Pluralsight. My name is Tim Warner and I'm happy to be your instructor for this course entitled Troubleshooting with Microsoft Azure Network Watcher. Its title is Let Network Watcher Help You. This course consists of five sequential modules, the first one that we're in right now, as I just told you, is called Let Network Watcher Help You. Say that five times quickly, that's a tongue twister, isn't it? We'll then get into testing network security groups, testing connectivity to your VMs in Azure, analyzing network traffic in Azure, and ultimately performing deeper diagnostics. Of course you can always watch these modules in any order, but I recommend that you work sequentially because examples that I build earlier in the course will be added to and revisited as we go on. Our goals in this module are as follows. I want you to grasp preliminary knowledge regarding Azure Network Watcher, what it is, what brought you to this course, what do you hope to get out of it. We'll then introduce the feature specifically. I'll teach you how to enable it in your subscriptions and resource groups and we'll also prepare our analysis environment. Let's get started. In all of my courses I build what are called exercise files, specifically I create links lists that contain references to all of the sites that I talk about during my modules. I do this so you don't have to worry about taking notes, although you probably know that the Pluralsight Web Player does have note taking capability, that's always nice, but anyway, in the Pluralsight Web Player, you'll want to go to the Exercise Files tab and click the Download Exercise Files button. This is going to bring down a zip archive that contains PDF representations of all of my PowerPoint decks, as well as folders that contain a file called demos. txt. You can open those text files in any plain text editor, although I recommend Microsoft's Visual Studio Code because the links will be clickable, as you see here.

Test Network Security Groups
Hello there and welcome to Pluralsight. My name is Tim Warner and this module is entitled Test Network Security Groups. What you're going to learn in this module is threefold, first we're going to review what Network Security Groups are, also called NSGs for short. Then we'll dive into two scenarios in Network Watcher. First, security group view, that gives you insight in your NSG rule sets, and IP flow verify that serves as an excellent way to test port connectivity to and from your Azure virtual machines. Let's get started.

Test Connectivity to Your VMs in Azure
Hello there and welcome to Pluralsight. My name is Tim Warner. This module is entitled Test Connectivity to Your VMs in Azure. We have a lot to do in this module. I'm going to cover a number of Network Watcher scenarios, starting with network topology, then we'll do connectivity check, we'll look at Next hop analysis, VPN diagnostics, and finally just in time VM Access. That's a lot of material, but it's all related and it's super useful, so let's get right to it. Network topology. I want this module to be as demo heavy as possible, so I'll just give you a definition here. A network topology refers to the arrangement of the various elements of a communications network, links, notes, etc. Now the variants, of course, are physical and logical. A physical network topology will involve network interface cards, you could have wired Ethernet, Wi-Fi Ethernet, which would involve wireless access points, wired Ethernet would involve switches and routers, those are physical links. Of course in Microsoft Azure everything is done through software defined networking. We as customers never see Azure's physical topology. So logical network topology, we're dealing with virtual network interface cards, virtual routing tables, network virtual appliances, etc. But as I said at the beginning of the course, it's important that you have foundational knowledge in TCP/IP networking. I'm going to show you now a neat function in Network Watcher that allows to you visualize your software defined networking topology in Microsoft Azure.

Analyze Network Traffic in Azure
Hello there, welcome to Pluralsight. My name is Tim Warner and this module is entitled Analyze Network Traffic in Azure. We're going to get down to the bare metal, virtually speaking. I'm going to teach you how packet capture works in the Azure public cloud, specifically using Network Watcher's packet capture capability. I'm going to also show you how to load up your capture results using Wireshark, the free and open source packet analyzer, and I'll even show you how to visualize your capture data using, again, the free and open source CapAnalysis tool. This is a useful high impact module, I'm excited to teach it to you. I hope you're excited to learn, let's get started.

Perform Deeper Diagnostics
Hello there and welcome to Pluralsight. My name is Tim Warner and this module is entitled Perform Deeper Diagnostics. We're in the final module of this course on Azure Network Watcher. We're going to begin by examining the Azure network subscription limits. You might be thinking, well Tim isn't that a general topic? It is and it isn't. Network Watcher actually has built in functionality where you can see what your quotas are for network related services. We'll then examine network security group flow logs. There's been quite a bit with the network security group over this course, and for good reason. I'll show you how to visualize flow logs using Microsoft's Power BI. We'll then go into diagnostic logs for Azure networking resources, and those skills are going to be really useful for you because you can apply the diagnostics and log analytic skills to any Azure resource, not just network ones. So we have a lot of cover, as usual, so let's get right to it.