Talks
Microsoft Azure
Migrating Servers to Microsoft Azure
Date: Friday, June 20 2025
Time: 6:00-7:00 PM CET
Format: Live tech webinar
Overview
As organizations increasingly move to the cloud, IT professionals need a practical understanding of how to migrate on‑premises servers to Microsoft Azure. This session introduces Azure Migrate and its key integrations, giving you a solid foundation for assessing and migrating a wide range of workloads, including virtual machines and physical servers.
By the end of the webinar, you’ll have a clear view of the Azure Migrate service and the tools that enable efficient, reliable server migrations to Azure.
What You’ll Learn (Learning Objectives)
- Assess and migrate VMware virtual machines, Hyper‑V machines, and physical machines
- Set up and prepare Azure and VMware environments for Azure Migrate
- Explore the Azure Migrate Server Migration tool, appliance VMs, and continuous discovery
Who Should Attend (Intended Audience)
- IT professionals aiming to become Azure cloud architects or preparing for Microsoft Azure certification exams
- IT professionals responsible for managing and supporting Azure virtual machines
Prerequisites
- General knowledge of IT infrastructure
- General familiarity with the Azure environment and VMware
Session Materials
Looking for resources from the webinar? You can request the slide deck by filling out the contact form on the website. Please include “ Azure Migrate Webinar – Slide Deck ” in your message, and we’ll send it to you via email.
Please note: the webinar was delivered live and was not recorded, so a recording is not available.
The Art of Azure ExpressRoute: Crafting Resilient Architectures and Evading Design Blunders
Date: Wednesday, September 17 2025
Time: 5:30-6:15 PM CET
Format: Live tech webinar
Overview
Build ironclad Azure connectivity that keeps traffic predictable and uptime high. In this fast‑paced session, we distill hard‑earned patterns for resilient ExpressRoute design, from selecting the right peering and circuit/gateway SKUs to engineering BGP for deterministic paths and controlled failover. You’ll learn how to avoid hidden pitfalls (asymmetric routing, route leaks, single‑circuit risk) and adopt operational practices that keep your hybrid edge robust over time. Expect clear decision frameworks, testable patterns, and guardrails you can apply the next day.
What You’ll Learn (Learning Objectives)
- HA topologies: dual circuits/providers, redundant edge routers, failure‑domain isolation
- BGP traffic engineering: scoped prefixes, local‑pref/MED/AS‑path, max‑prefix guards; prevent default‑route/long‑prefix leaks
- Peering & segmentation: private vs Microsoft peering; hub‑and‑spoke, VRF/VNet segmentation aligned to service needs
- Controlled failover: ExpressRoute-to-VPN fallback, graceful reroute, DR test plans that prevent blackholes
- Capacity & performance: circuit/gateway SKUs, MTU/QoS, latency/jitter targets, instrumentation of the right metrics
- Security & operations: route filtering, policy guardrails, observability/alerts/runbooks; avoid common anti‑patterns (asymmetric paths, single‑circuit dependency, unbounded advertisements)
Who Should Attend (Intended Audience)
- Cloud & network architects designing hybrid connectivity to Azure
- Azure engineers / platform teams responsible for ExpressRoute planning and operations
- IT operations / SRE teams focused on resilience, performance, and incident readiness
- Security & compliance practitioners needing governed connectivity patterns
Prerequisites
- Working knowledge of IP networking and BGP fundamentals
- Familiarity with Azure networking (VNets, gateways, routing)
- Exposure to on‑prem connectivity (data center, MPLS/SD‑WAN, edge routers)
- Basic understanding of cloud governance and operations
Session Materials
This webinar is part of a 3‑day virtual conference organized by Kyndryl (Kyndryl SRExplore25). Slides and the session recording are available to Kyndryl internal employees.
Interested in the topic for an external audience? We’re happy to organize a new webinar covering the same material. Request it via the contact form on the website and mention “ ExpressRoute webinar request ”.
Session Title
Securing the Edge: Best Practices for Azure ExpressRoute in Hybrid Cloud Architectures
Event
Delivered at WPC 2025, Italy’s most important conference on Microsoft technologies, bringing together architects, engineers, and IT leaders across cloud, security, AI, and modern infrastructure.
Learn more: WPC 2025 conference program
Format
Public, in‑person session
Date & Time
December 2, 2025 · 6:30-7:30 PM CET
Technical Overview
This session dives deep into the strategic design and operational hardening of Azure ExpressRoute for hybrid and multi‑cloud scenarios.
We examine how to engineer resilient, secure, and high‑performance connectivity between enterprise edge sites and Azure, with emphasis on failure domains, traffic engineering, and control‑plane/edge security.
Core topics covered:
- Peering & service choices
- Private Peering for VNet connectivity
- ExpressRoute Direct for high‑throughput and deterministic capacity; MACsec available on ER Direct for Layer‑2 encryption
- FastPath for data‑plane bypass of the gateway to reduce latency and CPU load
- High availability & failure domain isolation
- Dual circuits in separate facilities/providers; metro diversity and MSEE pair diversity
- Zone‑redundant ER gateways and active/active design
- Failover strategies: ExpressRoute primary with IPsec VPN as controlled fallback; deterministic failover with prefix scoping
- BGP policy & path control
- Edge security posture
- Hub‑and‑spoke topologies with deny‑by‑default at the hub
- Azure Firewall/NVA patterns for L4‑L7 inspection and policy
- Least‑privilege routing and interface scoping; explicit east‑west controls and micro‑segmentation
- Regionally anchored connectivity; no unintended trans‑regional backhaul and clear data‑path documentation
- Route‑filtering and locality controls aligned with regulatory constraints
- Performance & capacity planning
- Common anti‑patterns to avoid
Audience & Prerequisites
Cloud/Network Architects, Security Architects, Platform/SRE teams, Enterprise IT leaders.
Prereqs: familiarity with BGP, enterprise WANs, Azure networking (VNets, ER gateways, Virtual WAN), and standard security controls.
Session Materials
Slides and resources are available in the WPC Community reserved area
(Requires WPC Community access and login)
AWS
AWS Egress‑Only Internet Gateway (IPv6): Design, Setup & Best Practices
Date: Friday, May 30, 2025
Time: 6:30-7:30 PM CET
Format: Live tech webinar
Overview
IPv6 brings globally routable addressing to your VPCs, which is powerful but also changes the way you secure outbound internet access. In this practical, 60‑minute session, we’ll demystify the Egress‑Only Internet Gateway (EIGW): a horizontally scaled, highly available VPC component that enables outbound IPv6 connections while preventing unsolicited inbound access. We’ll cover how it works, when to use it instead of (or alongside) IGW/NAT, the required route‑table entries, and the security model.
What You’ll Learn (Learning Objectives)
By the end of the webinar, you will be able to:
- Explain what an Egress‑Only Internet Gateway is and why it exists in IPv6‑enabled VPCs, including its stateful nature and how it blocks unsolicited inbound connections while allowing return traffic.
- Differentiate EIGW vs IGW vs NAT Gateway.
- Configure EIGW end‑to‑end: create the gateway, associate IPv6 CIDR blocks to VPC/subnets as required, and add ::/0 (or specific IPv6 prefixes) to the route table to steer outbound traffic through the EIGW.
- Apply the right security controls: understand why security groups cannot be attached to an EIGW and how to use network ACLs to govern allowed traffic to/from subnets using the gateway.
Who Should Attend (Intended Audience)
- Cloud network architects & engineers designing IPv6‑ready VPCs.
- Security engineers implementing guardrails for outbound internet access.
- DevOps/SRE teams responsible for VPC routing and connectivity.
- Solution architects who need to choose correctly between EIGW, IGW, and NAT in multi‑account, multi‑VPC environments.
Prerequisites
- Working knowledge of AWS VPC fundamentals (subnets, route tables).
- Basic understanding of IPv4 vs IPv6 addressing and implications for internet connectivity.
- Familiarity with IGW/NAT Gateway concepts is helpful but not mandatory.
Session Materials
Looking for resources from the webinar? You can request the slide deck by filling out the contact form on the website.
Please include ” AWS Egress‑only IGW – Slide Deck ” in your message, and we’ll send it to you via email.
Please note: the webinar was delivered live and was not recorded, so a recording is not available.
AWS NAT Gateway Goes Regional: Design, Migration & Ops
Date: Friday, November 28, 2025
Time: 6:30-7:30 PM CET
Format: Live tech webinar
Overview
AWS has introduced a regional availability mode for NAT Gateway that eliminates per‑AZ juggling: you can now deploy a single NAT Gateway at the VPC (regional) scope, without creating public subnets in every AZ, and it automatically expands and contracts across AZs as your workloads scale. We’ll translate this change into concrete design guidance, and highlight the security, observability, and cost‑ops angles you should care about.
What You’ll Learn (Learning Objectives)
- How regional NAT Gateway works vs the legacy zonal model, and why it simplifies route tables, removes public‑subnet dependencies, and aligns NAT with other regional VPC constructs.
- Design patterns for private egress that avoid cross‑AZ hairpinning and keep traffic local, including tips for centralized vs distributed egress.
- IP strategy choices (AWS‑provided IPs vs BYOIP) and how to align them with partner allow‑listing and compliance requirements.
- Security & observability considerations: where to enforce controls, what to log, and how to tag/monitor NAT data processing and errors.
- Availability & scope: understanding current regional support and caveats (e.g., commercial Regions vs GovCloud/China at launch).
Who Should Attend (Intended Audience)
- Cloud & Network Architects designing multi‑AZ VPC topologies
- Platform/SRE and DevOps engineers managing egress for EKS/ECS/EC2 workloads
- Security engineers and SecOps teams responsible for egress policy and allow‑listing
- Solutions/Enterprise Architects advising on AWS networking standards at scale
Prerequisites
- Working knowledge of AWS VPC constructs (subnets, route tables, Internet Gateway) and how NAT Gateway enables private egress.
- Familiarity with multi‑AZ deployments and basic routing concepts.
- (Nice to have) Experience with IaC (CloudFormation/Terraform) for network builds and with IP allow‑listing/BYOIP.
Session Materials
Looking for resources from the webinar? You can request the slide deck by filling out the contact form on the website.
Please include ” AWS Regional NAT GW Webinar – Slide Deck ” in your message, and we’ll send it to you via email.
Please note: the webinar was delivered live and was not recorded, so a recording is not available.
Coming soon
Cisco
Coming soon
Coming soon