Microsoft Azure: Networking Services
As part of the Microsoft Enterprise Skills Initiative, I am looking into different topics in Azure and summarizing my learnings. This post is about Azure networking services.
Azure networking services are virtual networking services on Azure that enable Azure resources to communicate with each other, with users on the internet, and with your on-premises client computers. They provide the following capabilities:
- Isolation and segmentation: allows isolated networks with private IP addresses.
- Internet communications: by assigning a public IP address to a resource, you can communicate with it directly from the internet.
- Communicate between Azure resources: enables Azure resources to communicate securely with each other.
- Communicate with on-premises resources using a VPN Gateway:
  - Point-to-site virtual private network
  - Site-to-site virtual private network: links your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network.
  - Azure ExpressRoute: provides dedicated private connectivity to Azure that doesn't travel over the internet. Be careful though: even though the connectivity is private, it's not encrypted.
- Route network traffic using routing tables or Border Gateway Protocol (BGP).
- Filter network traffic using Network Security Groups (NSGs) or network virtual appliances.
- Connect virtual networks by linking them together with virtual network peering, and use user-defined routing (UDR) to control the routing tables.
A VPN Gateway can be one of the following:
- Policy-based VPNs use a set of static IP addresses to define which packets go through the tunnel.
- Route-based VPNs use IPsec tunnels, which are modeled as a network interface or virtual tunnel interface. IP routing (either static routes or dynamic routing protocols) decides which of these tunnel interfaces to use when sending each packet.
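
The difference between the two gateway types is easiest to see when a new on-premises subnet appears. The following Python sketch is an added example, not Azure code: it models policy-based selection as a static selector match and route-based selection as a longest-prefix-match route lookup. All prefixes and the tunnel and interface names are constructed assumptions.

```python
import ipaddress

# Constructed sample configuration (prefixes and names are assumptions).
# Policy-based: static (source prefix, destination prefix) selectors per tunnel.
POLICY_SELECTORS = [
    ("10.1.0.0/16", "192.168.10.0/24", "tunnel-branch-a"),
    ("10.1.0.0/16", "192.168.20.0/24", "tunnel-branch-b"),
]

# Route-based: each tunnel is an interface; routes map destination prefixes to it.
ROUTE_TABLE = [
    ("192.168.0.0/16", "vti0"),
    ("192.168.20.0/24", "vti1"),
]


def policy_based_tunnel(src, dst):
    """Return the tunnel whose static selector matches both addresses, else None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, tunnel in POLICY_SELECTORS:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return tunnel
    return None  # no selector matches: the packet does not enter any tunnel


def route_based_tunnel(dst):
    """Return the tunnel interface chosen by longest-prefix match on the destination."""
    d = ipaddress.ip_address(dst)
    best = None
    for prefix, iface in ROUTE_TABLE:
        net = ipaddress.ip_network(prefix)
        if d in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


if __name__ == "__main__":
    # Constructed sample packets; 192.168.30.0/24 is a subnet added after setup.
    for src, dst in [("10.1.4.7", "192.168.10.5"), ("10.1.4.7", "192.168.20.9"),
                     ("10.1.4.7", "192.168.30.1"), ("10.2.0.1", "192.168.10.5")]:
        print(src, "->", dst, "| policy:", policy_based_tunnel(src, dst),
              "| route:", route_based_tunnel(dst))
```

In this model, traffic to the new 192.168.30.0/24 subnet matches no policy-based selector and is never tunneled, while the route-based table carries it over `vti0` through the broader 192.168.0.0/16 route. When reviewing a route-based setup, check that broad routes do not send more traffic into a tunnel than intended.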