Networking

Linking compute resources and providing access to applications is the key function of Azure networking. Networking functionality in Azure includes a range of options to connect the outside world to services and features in the global Azure datacenters.

Service name

Service function

Azure Virtual Network

Connects VMs to incoming virtual private network (VPN) connections.

Azure Load Balancer

Balances inbound and outbound connections to applications or service endpoints.

Azure Application Gateway

Optimizes app server farm delivery while increasing application security.

Azure VPN Gateway

Accesses Azure Virtual Networks through high-performance VPN gateways.

Azure DNS

Provides ultra-fast DNS responses and ultra-high domain availability.

Azure Content Delivery Network

Delivers high-bandwidth content to customers globally.

Azure DDoS Protection

Protects Azure-hosted applications from distributed denial of service (DDOS) attacks.

Azure Traffic Manager

Distributes network traffic across Azure regions worldwide.

Azure ExpressRoute

Connects to Azure over high-bandwidth dedicated secure connections.

Azure Network Watcher

Monitors and diagnoses network issues by using scenario-based analysis.

Azure Firewall

Implements high-security, high-availability firewall with unlimited scalability.

Azure Virtual WAN

Creates a unified wide area network (WAN) that connects local and remote sites.

Azure Virtual Network

  • enables Azure resources to communicate with

    • each other,

    • users on the internet,

    • on-premises client computers.

Virtual Network peering allows linking virtual networks which can be in separate regions thereby creating a global interconnected network.

UDR is user-defined routing that allows network admins to control the routing tables between subnets within a VNet, as well as between VNets

Azure VPN Gateway

  • a type of virtual network gateway

  • Azure VPN gateway instances are deployed in Azure Virtual Network instances and enables:

    • Site-to-Site: connect on-premises datacenters to virtual networks

    • Point-to-Site: connect individual devices to virtual networks

    • Network-to-Network: connect virtual networks to other virtual networks

Policy-based VPNs

Route-based VPNs

Azure ExpressRoute

  • Layer 3 connectivity between your on-premises network and the Microsoft Cloud through a connectivity provider.

    • connectivity can be from

      • any-to-any (IPVPN) network,

      • point-to-point Ethernet connection

      • virtual cross-connection via an Ethernet Exchange.

  • establish connection to Microsoft cloud services such as Azure and Microsoft 365.

  • dynamic routing between your network and Microsoft via BGP

  • offers

    • reliability

    • faster speed

    • consistent latencies

    • high security

Azure Firewall

Azure Firewall is a managed, cloud-based network security service that helps protect resources in your Azure virtual networks.

Azure Firewall is a stateful firewall. A stateful firewall analyzes the complete context of a network connection, not just an individual packet of network traffic.

Azure Application Gateway also provides a firewall that's called the web application firewall (WAF). WAF provides centralized, inbound protection for your web applications against common exploits and vulnerabilities. Azure Front Door and Azure Content Delivery Network also provide WAF services.

A network security group enables you to filter network traffic to and from Azure resources within an Azure virtual network.

Last updated