Azure Networking
Yasin Kabir Chowdhury
December 07, 2022
Speaker
Yasin Kabir Chowdhury
Azure Administrator, System Administrator & Network Engineer
Agenda
3/8/2023 3
1) Virtual Networks (Vnets) & Subnet
2) Public IP Vs Private IP
3) Static IP vs Dynamic IP
4) Route Table & Rules of Route
5) Network Security Group (NSG)
6) Ingress & Egress Security Rules
7) Service Endpoint
8) Application Security Group (ASG)
9) Azure Firewall
10) Azure Firewall Manager
11) NAT Gateway
12) Azure DNS
13) Azure Load Balancer
14) Application Gateway
15) Bastion Host
16) Azure Traffic manager
17) Express Route
18) VPN Gateway
19) Local Network Gateway
20) Vnet Peering
What is IP?
• IP stands for Internet Protocol.
• IP works something like the postal system.
• It allows you to address a packet and drop it in the system, but there's no direct link between you and the recipient.
• TCP/IP, on the other hand, establishes a connection between two hosts so that they can send data to the destination and reply back to the source.
Properties of IP Address
• A 32-bit binary number
• Represented in the decimal number system
• The 32 bits are divided into four equal parts
• Each part contains 8 binary bits and is known as an octet. Octets are separated by a dot (.)
• Known as a logical address
• Example:

Decimal   192.168.0.1
Binary    11000000.10101000.00000000.00000001

1st Octet   2nd Octet   3rd Octet   4th Octet
192         168         0           1
11000000    10101000    00000000    00000001
Octets in IP address

Octet               1st Octet   2nd Octet   3rd Octet   4th Octet
Minimum (binary)    00000000    00000000    00000000    00000000
Maximum (binary)    11111111    11111111    11111111    11111111
Minimum (decimal)   0           0           0           0
Maximum (decimal)   255         255         255         255
Class in IP address
The values of the first octet, ranging from 0 to 255, are divided into five groups known as classes.

Class Ranges of IP Addresses

Class  Binary minimum  Binary maximum  Decimal minimum  Decimal maximum
A      00000000        01111111        0 (1)            127*
B      10000000        10111111        128              191
C      11000000        11011111        192              223
D      11100000        11101111        224              239
E      11110000        11111111        240              255

* IP addresses starting with 127 are known as loopback addresses.
Network bit and host bit
The 32 bits of an IP address are divided into two parts, known as network bits and host bits. The left-side bits of an IP address are the network bits and the right-side bits are the host bits.

Class  Network bits  Host bits  Format
A      8             24         N.H.H.H
B      16            16         N.N.H.H
C      24            8          N.N.N.H
Virtual Networks (Vnets)
Azure Virtual Network is a logical boundary of a private network in Azure. Azure resources can securely connect to the internet or to on-premises networks through a VNet.
Virtual Subnets
With subnets we can divide a virtual network into multiple networks and assign VMs, NICs and other resources to them as requirements dictate.
Public VS Private IP address
Public IP address:
A public IP address is the address that is assigned to a device to allow direct access over the Internet. A web server, an email server and any server device directly accessible from the Internet are candidates for a public IP address. A public IP address is globally unique, and can only be assigned to a unique device. Public IP addresses are internationally routable and saleable.
Private IP address:
A private IP address is the address space allocated to a NIC to allow organizations to create their own private network. The computers, tablets and smartphones in your home, and the personal computers within an organization, are usually assigned private IP addresses. A network printer residing in your home or office is assigned a private address so that only your local users can print to your local printer. Private IP addresses are non-routable and non-saleable.
Range of Private IP addresses

Class  Starting IP   Ending IP        # of hosts
A      10.0.0.0      10.255.255.255   16,777,216
B      172.16.0.0    172.31.255.255   1,048,576
C      192.168.0.0   192.168.255.255  65,536

All the rest are public IP addresses.
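The class, network/host-bit and private-range tables above can be applied with plain bit masks. The following is an added example, not part of the original slides; the function names are hypothetical and the sample addresses are constructed.

```python
# Added example, not from the slides: classful lookup and private-range test
# for an IPv4 address, following the tables above.

# (mask, pattern) on the first octet -> class, network bits, host bits.
# The slides give no network/host split for classes D and E.
CLASS_RULES = [
    (0b10000000, 0b00000000, "A", 8, 24),
    (0b11000000, 0b10000000, "B", 16, 16),
    (0b11100000, 0b11000000, "C", 24, 8),
    (0b11110000, 0b11100000, "D", None, None),
    (0b11110000, 0b11110000, "E", None, None),
]

# Private ranges from the table, written as (network address, prefix length).
PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def parse_ipv4(text):
    """Return the four octets of a dotted-decimal address as integers."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    octets = []
    for part in parts:
        # Reject empty, signed, non-ASCII and zero-padded octets; some parsers
        # read "010" as octal, so accepting it invites ambiguity.
        padded = len(part) > 1 and part[0] == "0"
        if not (part.isascii() and part.isdigit()) or padded:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = int(part)
        if value > 255:
            raise ValueError(f"octet out of range in {text!r}")
        octets.append(value)
    return octets


def to_int(octets):
    """Pack four octets into one 32-bit integer."""
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_binary(octets):
    """Dotted binary form, 8 bits per octet."""
    return ".".join(f"{o:08b}" for o in octets)


def range_size(prefix_len):
    """Number of addresses in a range with the given prefix length."""
    return 2 ** (32 - prefix_len)


def in_range(addr, network, prefix_len):
    """True if the 32-bit address shares the network's leading bits."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return (addr & mask) == (to_int(parse_ipv4(network)) & mask)


def describe(text):
    """Class, default network/host split, loopback and private flags."""
    octets = parse_ipv4(text)
    addr = to_int(octets)
    for mask, pattern, name, net_bits, host_bits in CLASS_RULES:
        if octets[0] & mask == pattern:
            break
    return {
        "binary": to_binary(octets),
        "class": name,
        "network_bits": net_bits,
        "host_bits": host_bits,
        "loopback": octets[0] == 127,
        "private": any(in_range(addr, n, p) for n, p in PRIVATE_RANGES),
    }


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("192.168.0.1", "172.31.255.255", "172.32.0.1", "127.0.0.1"):
        print(sample, describe(sample))
```

Note that 172.32.0.1 is class B but public: the private class B block ends at 172.31.255.255.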
Static VS Dynamic IP address
Static IP address:
A static IP address is an address that is permanently assigned to a device by the administrator, and does not change even if the device reboots. A static IP address is usually assigned to a server that hosts websites or provides email, database and FTP services.
Dynamic IP address:
A dynamic IP address is dynamically assigned to a device by the DHCP server. Each time the device is rebooted, DHCP dynamically assigns an IP address to the device using the DHCP protocol. Since DHCP dynamically assigns an IP address to a device on reboot, the device may not always receive the same IP address.
Route Table
Network Security Group (NSG)
You can use an Azure network security group to filter network traffic between Azure
resources in an Azure virtual network. A network security group contains security rules
that allow or deny inbound network traffic to, or outbound network traffic from, several
types of Azure resources. For each rule, you can specify source and destination, port, and
protocol.
Security Rules Ingress/Egress
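How a set of NSG security rules decides a flow can be modelled in a few lines. The following is an added example, not part of the original slides: it assumes Azure's rule ordering (rules are processed by ascending priority number and the first match wins), uses constructed sample rules, and does not model Azure's default rules or service tags. The function names are hypothetical.

```python
# Added example, not from the slides: a simplified model of NSG rule
# evaluation plus a check for management ports open to any source.
import ipaddress

# Constructed sample rules using NSG security-rule property names.
RULES = [
    {"name": "web-https", "priority": 100, "direction": "Inbound",
     "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "*",
     "destinationAddressPrefix": "10.0.1.0/24", "destinationPortRange": "443"},
    {"name": "admin-ssh", "priority": 200, "direction": "Inbound",
     "access": "Allow", "protocol": "Tcp",
     "sourceAddressPrefix": "203.0.113.0/24",
     "destinationAddressPrefix": "10.0.1.0/24", "destinationPortRange": "22"},
    {"name": "legacy-rdp", "priority": 300, "direction": "Inbound",
     "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "*",
     "destinationAddressPrefix": "*", "destinationPortRange": "3389"},
    {"name": "deny-all-in", "priority": 4096, "direction": "Inbound",
     "access": "Deny", "protocol": "*", "sourceAddressPrefix": "*",
     "destinationAddressPrefix": "*", "destinationPortRange": "*"},
    {"name": "block-egress-smtp", "priority": 100, "direction": "Outbound",
     "access": "Deny", "protocol": "Tcp", "sourceAddressPrefix": "10.0.0.0/16",
     "destinationAddressPrefix": "*", "destinationPortRange": "25"},
]

ANY_SOURCE = {"*", "0.0.0.0/0", "Internet"}
MANAGEMENT_PORTS = (22, 3389)  # SSH and RDP


def prefix_matches(prefix, address):
    """'*' matches everything; otherwise test CIDR membership."""
    if prefix == "*":
        return True
    # Service tags are not modelled here and raise ValueError.
    return ipaddress.ip_address(address) in ipaddress.ip_network(prefix, strict=False)


def port_matches(port_range, port):
    """Accepts '*', a single port ('443') or a range ('1000-2000')."""
    if port_range == "*":
        return True
    low, _, high = port_range.partition("-")
    return int(low) <= port <= int(high or low)


def evaluate(rules, direction, protocol, src, dst, dst_port):
    """Return (access, rule name) of the first matching rule by priority.

    Returns (None, None) when no listed rule matches; in Azure the flow
    would then be decided by the NSG's default rules, not modelled here.
    """
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if rule["direction"].lower() != direction.lower():
            continue
        if rule["protocol"] != "*" and rule["protocol"].lower() != protocol.lower():
            continue
        if (prefix_matches(rule["sourceAddressPrefix"], src)
                and prefix_matches(rule["destinationAddressPrefix"], dst)
                and port_matches(rule["destinationPortRange"], dst_port)):
            return rule["access"], rule["name"]
    return None, None


def audit_open_management(rules):
    """Names of inbound Allow rules exposing SSH/RDP to any source."""
    findings = []
    for rule in rules:
        if (rule["direction"].lower() == "inbound"
                and rule["access"].lower() == "allow"
                and rule["sourceAddressPrefix"] in ANY_SOURCE
                and any(port_matches(rule["destinationPortRange"], p)
                        for p in MANAGEMENT_PORTS)):
            findings.append(rule["name"])
    return findings


if __name__ == "__main__":
    print(evaluate(RULES, "Inbound", "Tcp", "198.51.100.7", "10.0.2.4", 3389))
    print(audit_open_management(RULES))
```

The `legacy-rdp` rule is reported because its lower priority number puts it ahead of `deny-all-in`, so RDP from any source is allowed before the catch-all deny is reached.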
Service Endpoint
Virtual Network (VNet) service endpoint policies allow you to filter egress virtual network traffic to Azure Storage accounts over service endpoints, so that data can be sent only to specific Azure Storage accounts. Endpoint policies provide granular access control for virtual network traffic to Azure Storage when connecting over a service endpoint.
Application Security Group (ASG)
Application security groups enable you to configure network security as a natural
extension of an application's structure, allowing you to group virtual machines and
define network security policies based on those groups. You can reuse your security
policy at scale without manual maintenance of explicit IP addresses. The platform
handles the complexity of explicit IP addresses and multiple rule sets, allowing you
to focus on your business logic.
Azure Firewall
Azure Firewall is a cloud-native and intelligent network firewall security service that
provides the best of breed threat protection for your cloud workloads running in
Azure. It's a fully stateful, firewall as a service with built-in high availability and
unrestricted cloud scalability. It provides both east-west and north-south traffic
inspection.
Azure Firewall Manager
Azure Firewall Manager is a security management service that provides central security
policy and route management for cloud-based security perimeters.
Secured virtual hub
An Azure Virtual WAN Hub is a Microsoft-managed resource that lets you easily
create hub and spoke architectures. When security and routing policies are
associated with such a hub.
Hub virtual network
This is a standard Azure virtual network that you create and manage yourself.
When security policies are associated with such a hub, it is referred to as a hub
virtual network. At this time, only Azure Firewall Policy is supported. You can
peer spoke virtual networks that contain your workload servers and services. You
can also manage firewalls in standalone virtual networks that aren't peered to
any spoke.
Bastion Host
Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser
and the Azure portal, or via the native SSH or RDP client already installed on your local computer. The
Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual
network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly
from the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines don't
need a public IP address, agent, or special client software.
NAT Gateway
Virtual Network NAT is a fully managed and highly resilient Network Address Translation (NAT)
service. Virtual Network NAT simplifies outbound Internet connectivity for virtual networks. When
configured on a subnet, all outbound connectivity uses the Virtual Network NAT's static public IP
addresses.
Azure DNS
Azure DNS is a hosting service for DNS domains that provides name resolution by using
Microsoft Azure infrastructure. By hosting your domains in Azure, you can manage your DNS
records by using the same credentials, APIs, tools, and billing as your other Azure services.
Azure Load Balancer
Load balancing refers to evenly distributing load (incoming network traffic) across a group of
backend resources or servers. Load balancer distributes inbound flows that arrive at the load
balancer's front end to backend pool instances. These flows are according to configured
load-balancing rules and health probes. The backend pool instances can be Azure Virtual
Machines or instances in a Virtual Machine Scale Set.
Public & Private Load Balancer
A public load balancer can provide outbound connections for virtual machines (VMs) inside
your virtual network. These connections are accomplished by translating their private IP
addresses to public IP addresses. Public Load Balancers are used to load balance internet
traffic to your VMs.
An internal (or private) load balancer is used where private IPs are needed at the frontend
only. Internal load balancers are used to load balance traffic inside a virtual network. A load
balancer frontend can be accessed from an on-premises network in a hybrid scenario.
Azure Application Gateway
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic
to your web applications.
URL Path Based Routing Multiple Site Routing
Azure Traffic Manager
Azure Traffic Manager is a DNS-based traffic load balancer. This service allows you to
distribute traffic to your public facing applications across the global Azure regions. Traffic
Manager also provides your public endpoints with high availability and quick responsiveness.
Azure Express Route
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private
connection with the help of a connectivity provider. Connectivity can be from an any-to-any (IP VPN)
network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider
at a colocation facility. ExpressRoute connections don't go over the public Internet. This allows
ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher
security than typical connections over the Internet.
Azure VPN Gateway
VPN Gateway sends encrypted traffic between an Azure virtual network and an on-premises location
over the public Internet. You can also use VPN Gateway to send encrypted traffic between Azure virtual
networks over the Microsoft network. A VPN gateway is a specific type of virtual network gateway. Each
virtual network can have only one VPN gateway. However, you can create multiple connections to the
same VPN gateway. When you create multiple connections to the same VPN gateway, all VPN tunnels
share the available gateway bandwidth.
Site-to-Site VPN
A Site-to-Site (S2S) VPN gateway connection is a connection over IPsec/IKE (IKEv1 or IKEv2) VPN
tunnel. S2S connections can be used for cross-premises and hybrid configurations. A S2S connection
requires a VPN device located on-premises that has a public IP address assigned to it. For information
about selecting a VPN device
Point-to-Site VPN
A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual
network from an individual client computer. A P2S connection is established by starting it from the client
computer.
VNet-to-VNet connections
Connecting a virtual network to another virtual network (VNet-to-VNet) is similar to connecting a VNet
to an on-premises site location. Both connectivity types use a VPN gateway to provide a secure tunnel
using IPsec/IKE. You can even combine VNet-to-VNet communication with multi-site connection
configurations.
Local Network Gateway
A local network gateway represents the hardware or software VPN device in your local, on-premises network. It is generally created in Azure to set up a site-to-site (S2S) VPN connection between an Azure virtual network and your local network.
Vnet Peering
VNet peering (or Virtual Network peering) enables you to connect virtual networks. A VNet peering connection
between virtual networks enables you to route traffic between them privately through IPv4 addresses. Virtual
machines in the peered VNets can communicate with each other as if they are within the same network.
VNet Peering Types
1. Regional VNet Peering: Connecting VNets within the same Azure region.
2. Global VNet Peering: Connecting VNets across Azure regions.
THANK YOU ALL

Contenu connexe

Tendances

PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxPPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxFadhilMuhammad80
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
Az 104 session 4: azure storage
Az 104 session 4: azure storageAz 104 session 4: azure storage
Az 104 session 4: azure storageAzureEzy1
 
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Neeraj Kumar
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual networkLalit Rawat
 
Understanding Azure Networking Services
Understanding Azure Networking ServicesUnderstanding Azure Networking Services
Understanding Azure Networking ServicesInCycleSoftware
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - IntroductionPranav Ainavolu
 
Azure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksAzure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksMatthias Güntert
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to AzureRobert Crane
 
Azure Identity and access management
Azure   Identity and access managementAzure   Identity and access management
Azure Identity and access managementDinusha Kumarasiri
 
Azure Introduction
Azure IntroductionAzure Introduction
Azure Introductionbrunoterkaly
 
The Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureThe Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureAptera Inc
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewDavid J Rosenthal
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft AzureKasun Kodagoda
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftDavid J Rosenthal
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesMarius Zaharia
 

Tendances (20)

PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptxPPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Az 104 session 4: azure storage
Az 104 session 4: azure storageAz 104 session 4: azure storage
Az 104 session 4: azure storage
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
Part 03: Azure Virtual Networks – Understanding and Creating Point-to-Site VP...
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
 
Understanding Azure Networking Services
Understanding Azure Networking ServicesUnderstanding Azure Networking Services
Understanding Azure Networking Services
 
Azure 101
Azure 101Azure 101
Azure 101
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - Introduction
 
Azure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksAzure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private Links
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to Azure
 
Azure Identity and access management
Azure   Identity and access managementAzure   Identity and access management
Azure Identity and access management
 
Azure Introduction
Azure IntroductionAzure Introduction
Azure Introduction
 
The Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureThe Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft Azure
 
Introduction to Microsoft Azure 101
Introduction to Microsoft Azure 101Introduction to Microsoft Azure 101
Introduction to Microsoft Azure 101
 
Microsoft Windows Server 2022 Overview
Microsoft Windows Server 2022 OverviewMicrosoft Windows Server 2022 Overview
Microsoft Windows Server 2022 Overview
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet Topologies
 

Similaire à Azure Networking Fundamentals

Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityScott Hoag
 
Brk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azureBrk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azureAbou CONDE
 
AWS Virtual Private Cloud
AWS Virtual Private CloudAWS Virtual Private Cloud
AWS Virtual Private CloudMahesh Raj
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure NetworkingKarim Vaes
 
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...VMworld
 
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBMuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBJitendra Bafna
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Happiest Minds Technologies
 
AWS Network Topology/Architecture
AWS Network Topology/ArchitectureAWS Network Topology/Architecture
AWS Network Topology/Architecturewlscaudill
 
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...Interoute
 
Mastering the move
Mastering the moveMastering the move
Mastering the moveTrivadis
 
AWS IoT vs Azure IoT
AWS IoT vs Azure IoTAWS IoT vs Azure IoT
AWS IoT vs Azure IoTahmed badr
 
Building Intelligent Cloud with Microsoft Azure
Building Intelligent Cloud with Microsoft AzureBuilding Intelligent Cloud with Microsoft Azure
Building Intelligent Cloud with Microsoft AzureWinWire Technologies Inc
 
AWS VPC & Networking basic concepts
AWS VPC & Networking basic conceptsAWS VPC & Networking basic concepts
AWS VPC & Networking basic conceptsAbhinav Kumar
 
Azure network and infrastructure
Azure network and infrastructureAzure network and infrastructure
Azure network and infrastructurePhi Huynh
 
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...David J Rosenthal
 
Becoming a Microsoft Specialist in Microsoft Azure Infrastructure
Becoming a Microsoft Specialist in Microsoft Azure InfrastructureBecoming a Microsoft Specialist in Microsoft Azure Infrastructure
Becoming a Microsoft Specialist in Microsoft Azure InfrastructureSyed Irtaza Ali
 

Similaire à Azure Networking Fundamentals (20)

10052016115136.pptx
10052016115136.pptx10052016115136.pptx
10052016115136.pptx
 
Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network Security
 
Brk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azureBrk30176 enterprise class networking in azure
Brk30176 enterprise class networking in azure
 
AWS Virtual Private Cloud
AWS Virtual Private CloudAWS Virtual Private Cloud
AWS Virtual Private Cloud
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure Networking
 
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part Two of Five: vCloud Hybri...
 
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLBMuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
MuleSoft Surat Live Demonstration Virtual Meetup#1 - Anypoint VPC VPN and DLB
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
 
AWS Network Topology/Architecture
AWS Network Topology/ArchitectureAWS Network Topology/Architecture
AWS Network Topology/Architecture
 
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...
 
Getting Started on AWS
Getting Started on AWS Getting Started on AWS
Getting Started on AWS
 
Mastering the move
Mastering the moveMastering the move
Mastering the move
 
Networking slide
Networking slideNetworking slide
Networking slide
 
AWS IoT vs Azure IoT
AWS IoT vs Azure IoTAWS IoT vs Azure IoT
AWS IoT vs Azure IoT
 
Building Intelligent Cloud with Microsoft Azure
Building Intelligent Cloud with Microsoft AzureBuilding Intelligent Cloud with Microsoft Azure
Building Intelligent Cloud with Microsoft Azure
 
AWS VPC & Networking basic concepts
AWS VPC & Networking basic conceptsAWS VPC & Networking basic concepts
AWS VPC & Networking basic concepts
 
cc.pptx
cc.pptxcc.pptx
cc.pptx
 
Azure network and infrastructure
Azure network and infrastructureAzure network and infrastructure
Azure network and infrastructure
 
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...
Latest Microsoft Azure Solutions and Announcements - Presented by atidan june...
 
Becoming a Microsoft Specialist in Microsoft Azure Infrastructure
Becoming a Microsoft Specialist in Microsoft Azure InfrastructureBecoming a Microsoft Specialist in Microsoft Azure Infrastructure
Becoming a Microsoft Specialist in Microsoft Azure Infrastructure
 

Dernier

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 

Dernier (20)

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Azure Networking Fundamentals

  • 2. Speaker Yasin Kabir Chowdhury Azure Administrator, System Administrator & Network Engineer
  • 3. Agenda 1) Virtual Networks (Vnets) & Subnet 2) Public IP Vs Private IP 3) Static IP vs Dynamic IP 4) Route Table & Rules of Route 5) Network Security Group (NSG) 6) Ingress & Egress Security Rules 7) Service Endpoint 8) Application Security Group (ASG) 9) Azure Firewall 10) Azure Firewall Manager 11) NAT Gateway 12) Azure DNS 13) Azure Load Balancer 14) Application Gateway 15) Bastion Host 16) Azure Traffic manager 17) Express Route 18) VPN Gateway 19) Local Network Gateway 20) Vnet Peering
  • 4. What is IP……? • IP stands for Internet Protocol • IP works something like the postal system. • It allows you to address a packet and drop it in the system, but there's no direct link between you and the recipient. • TCP/IP, on the other hand, establishes a connection between two hosts so that they can send data to the destination and reply back to the source.
  • 5. Properties of IP Address • 32-bit binary number • Represented in the decimal number system • The 32 bits are divided into four equal parts • Each part contains 8 binary bits and is known as an octet. Octets are separated by a dot (.) • Known as a logical address • Example: Decimal 192.168.0.1, Binary 11000000.10101000.00000000.00000001
  • 6. Octets in IP address. Example 192.168.0.1: 1st octet 192 (11000000), 2nd octet 168 (10101000), 3rd octet 0 (00000000), 4th octet 1 (00000001). Each of the four octets has a minimum of 00000000 (decimal 0) and a maximum of 11111111 (decimal 255).
  • 7. Class in IP address. The values of the first octet, ranging from 0 to 255, are divided into five groups known as classes. First-octet range per class (binary; decimal): A: 00000000 to 01111111; 0 (1) to 127*. B: 10000000 to 10111111; 128 to 191. C: 11000000 to 11011111; 192 to 223. D: 11100000 to 11101111; 224 to 239. E: 11110000 to 11111111; 240 to 255. * IP addresses starting with 127 are known as loopback addresses.
  • 8. Class Ranges of IP Addresses
  • 9. Network bit and host bit. The 32 bits of an IP address are divided into two parts, known as network bits and host bits. The left-side bits of an IP address are the network bits and the right-side bits are the host bits. Class A: 8 network bits, 24 host bits, format N.H.H.H. Class B: 16 network bits, 16 host bits, format N.N.H.H. Class C: 24 network bits, 8 host bits, format N.N.N.H.
  • 10. Virtual Networks (Vnets) An Azure Virtual Network is a logical boundary of a private network in Azure. Azure resources can connect securely, via the internet or on premises, through a Vnet. Virtual Subnets With subnets we can divide a virtual network into multiple networks and assign VMs, NICs and other resources to them as required.
  • 12. Public VS Private IP address. Public IP address: A public IP address is the address that is assigned to a device to allow direct access over the Internet. A web server, an email server and any server device directly accessible from the Internet are candidates for a public IP address. A public IP address is globally unique, and can only be assigned to a unique device. Public IP addresses are internationally routable and saleable.
  • 13. Public VS Private IP address. Private IP address: A private IP address is the address space allocated to a NIC to allow organizations to create their own private network. The computers, tablets and smartphones in your home, and the personal computers within an organization, are usually assigned private IP addresses. A network printer residing in your home or office is assigned a private address so that only your local users can print to your local printer. Private IP addresses are non-routable and non-saleable.
  • 14. Range of Private IP addresses. Class A: 10.0.0.0 to 10.255.255.255 (16,777,216 hosts). Class B: 172.16.0.0 to 172.31.255.255 (1,048,576 hosts). Class C: 192.168.0.0 to 192.168.255.255 (65,536 hosts). All the rest are public IP addresses.
  • 15. Static VS Dynamic IP address. Static IP address: A static IP address is an address that is permanently assigned to a device by the administrator, and does not change even if the device reboots. A static IP address is usually assigned to a server that hosts websites or provides email, database and FTP services.
  • 16. Static VS Dynamic IP address. Dynamic IP address: A dynamic IP address is assigned to a device by the DHCP server. Each time the device is rebooted, DHCP dynamically assigns an IP address to it. Because the address is assigned on reboot, the device may not always receive the same IP address.
  • 18. Network Security Group (NSG) You can use an Azure network security group to filter network traffic between Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.
  • 20. Service Endpoint Virtual Network (VNet) service endpoint policies allow you to filter egress virtual network traffic to Azure Storage accounts over a service endpoint, so that data can leave the virtual network only to specific Azure Storage accounts. Endpoint policies provide granular access control for virtual network traffic to Azure Storage when connecting over a service endpoint.
  • 21. Application Security Group (ASG) Application security groups enable you to configure network security as a natural extension of an application's structure, allowing you to group virtual machines and define network security policies based on those groups. You can reuse your security policy at scale without manual maintenance of explicit IP addresses. The platform handles the complexity of explicit IP addresses and multiple rule sets, allowing you to focus on your business logic.
  • 22. Azure Firewall Azure Firewall is a cloud-native and intelligent network firewall security service that provides the best of breed threat protection for your cloud workloads running in Azure. It's a fully stateful, firewall as a service with built-in high availability and unrestricted cloud scalability. It provides both east-west and north-south traffic inspection.
  • 23. Azure Firewall Manager Azure Firewall Manager is a security management service that provides central security policy and route management for cloud-based security perimeters. Secured virtual hub An Azure Virtual WAN Hub is a Microsoft-managed resource that lets you easily create hub and spoke architectures. When security and routing policies are associated with such a hub. Hub virtual network This is a standard Azure virtual network that you create and manage yourself. When security policies are associated with such a hub, it is referred to as a hub virtual network. At this time, only Azure Firewall Policy is supported. You can peer spoke virtual networks that contain your workload servers and services. You can also manage firewalls in standalone virtual networks that aren't peered to any spoke.
  • 24. Bastion Host Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser and the Azure portal, or via the native SSH or RDP client already installed on your local computer. The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines don't need a public IP address, agent, or special client software.
  • 25. NAT Gateway Virtual Network NAT is a fully managed and highly resilient Network Address Translation (NAT) service. Virtual Network NAT simplifies outbound Internet connectivity for virtual networks. When configured on a subnet, all outbound connectivity uses the Virtual Network NAT's static public IP addresses.
  • 26. Azure DNS Azure DNS is a hosting service for DNS domains that provides name resolution by using Microsoft Azure infrastructure. By hosting your domains in Azure, you can manage your DNS records by using the same credentials, APIs, tools, and billing as your other Azure services.
  • 27. Azure Load Balancer Load balancing refers to evenly distributing load (incoming network traffic) across a group of backend resources or servers. Load balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. These flows are according to configured load-balancing rules and health probes. The backend pool instances can be Azure Virtual Machines or instances in a Virtual Machine Scale Set.
  • 28. Public & Private Load Balancer A public load balancer can provide outbound connections for virtual machines (VMs) inside your virtual network. These connections are accomplished by translating their private IP addresses to public IP addresses. Public Load Balancers are used to load balance internet traffic to your VMs. An internal (or private) load balancer is used where private IPs are needed at the frontend only. Internal load balancers are used to load balance traffic inside a virtual network. A load balancer frontend can be accessed from an on-premises network in a hybrid scenario.
  • 29. Azure Application Gateway Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.
  • 30. URL Path Based Routing Multiple Site Routing
  • 31. Azure Traffic Manager Azure Traffic Manager is a DNS-based traffic load balancer. This service allows you to distribute traffic to your public facing applications across the global Azure regions. Traffic Manager also provides your public endpoints with high availability and quick responsiveness.
  • 32. Azure Express Route ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider. Connectivity can be from an any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a colocation facility. ExpressRoute connections don't go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet.
  • 33. Azure VPN Gateway VPN Gateway sends encrypted traffic between an Azure virtual network and an on-premises location over the public Internet. You can also use VPN Gateway to send encrypted traffic between Azure virtual networks over the Microsoft network. A VPN gateway is a specific type of virtual network gateway. Each virtual network can have only one VPN gateway. However, you can create multiple connections to the same VPN gateway. When you create multiple connections to the same VPN gateway, all VPN tunnels share the available gateway bandwidth.
  • 34. Site-to-Site VPN A Site-to-Site (S2S) VPN gateway connection is a connection over IPsec/IKE (IKEv1 or IKEv2) VPN tunnel. S2S connections can be used for cross-premises and hybrid configurations. A S2S connection requires a VPN device located on-premises that has a public IP address assigned to it. For information about selecting a VPN device
  • 35. Point-to-Site VPN A Point-to-Site (P2S) VPN gateway connection lets you create a secure connection to your virtual network from an individual client computer. A P2S connection is established by starting it from the client computer.
  • 36. VNet-to-VNet connections Connecting a virtual network to another virtual network (VNet-to-VNet) is similar to connecting a VNet to an on-premises site location. Both connectivity types use a VPN gateway to provide a secure tunnel using IPsec/IKE. You can even combine VNet-to-VNet communication with multi-site connection configurations.
  • 37. Local Network Gateway A local network gateway represents the hardware or software VPN device in your on-premises local network. It is generally created in Azure to set up a site-to-site (S2S) VPN connection between an Azure virtual network and your local network.
  • 38. Vnet Peering VNet peering (or Virtual Network peering) enables you to connect virtual networks. A VNet peering connection between virtual networks enables you to route traffic between them privately through IPv4 addresses. Virtual machines in the peered VNets can communicate with each other as if they are within the same network. VNet Peering Types 1. Regional VNet Peering: Connecting VNets within the same Azure region. 2. Global VNet Peering: Connecting VNets across Azure regions.
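
The NSG and ASG slides above describe rules that specify source, destination, port and protocol, and security policy written against groups of VMs instead of explicit IP addresses. The following is an added example, not part of the original deck: a simplified Python model of inbound rule evaluation with an audit helper. All addresses, group names and rules are constructed; evaluating rules in priority order (lowest number first) is how Azure NSGs behave, but Azure's built-in default rules are not modelled and the final implicit deny is an assumption of this model.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: ASG membership expressed as NIC private IPs.
ASG_MEMBERS = {
    "asg-web": {"10.0.1.4", "10.0.1.5"},
    "asg-db": {"10.0.2.4"},
}

@dataclass
class Rule:
    priority: int      # lower number is evaluated first
    name: str
    source: str        # "*", a CIDR prefix, or an ASG name
    destination: str   # "*", a CIDR prefix, or an ASG name
    port: str          # "*" or a single port number
    protocol: str      # "*", "Tcp" or "Udp"
    access: str        # "Allow" or "Deny"

def _addr_matches(spec, ip):
    """True if ip falls under a wildcard, an ASG's members, or a CIDR prefix."""
    if spec == "*":
        return True
    if spec in ASG_MEMBERS:
        return ip in ASG_MEMBERS[spec]
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def evaluate(rules, src, dst, port, protocol):
    """Return (access, rule name) for the first rule that matches the flow."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (_addr_matches(r.source, src) and _addr_matches(r.destination, dst)
                and r.port in ("*", str(port))
                and r.protocol in ("*", protocol)):
            return r.access, r.name
    return "Deny", "implicit-deny"   # model assumption when nothing matches

def exposed_admin_rules(rules):
    """Names of Allow rules that open SSH or RDP to any source."""
    return [r.name for r in rules
            if r.access == "Allow" and r.source == "*"
            and r.port in ("22", "3389", "*")]

# Constructed inbound rule set for a two-tier application.
INBOUND = [
    Rule(100, "web-to-db-sql", "asg-web", "asg-db", "1433", "Tcp", "Allow"),
    Rule(110, "any-to-web-https", "*", "asg-web", "443", "Tcp", "Allow"),
    Rule(120, "any-rdp", "*", "*", "3389", "Tcp", "Allow"),
    Rule(4000, "deny-all", "*", "*", "*", "*", "Deny"),
]
```

`exposed_admin_rules(INBOUND)` reports `any-rdp`, the kind of rule that becomes unnecessary when VMs are reached through Azure Bastion as described in slide 24.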