Microsoft Azure: Networking Services

As part of the Microsoft Enterprise Skills Initiative I am looking into different topics in Azure and summarize my learnings. This post is about Azure networking services

Azure networking services is a virtual networking services on Azure which enables Azure resources to communicate with each other, with users on the internet, and with your on-premises client computers.

  • Isolation and segmentation allows isolated networks with private IP addresses
  • Internet communications by assigning a public IP to a resource, one can communicate with directly from internet
  • Communicate between Azure resources enables Azure resources to communicate securely with each other
  • Communicate with on-premises resources using a VPN Gateway
    • Point-to-site virtual private network
    • Site-to-site virtual private networks links your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network
    • Azure ExpressRoute provides dedicated private connectivity to Azure that doesn’t travel over the internet. Be careful though, even so the connectivity is private, it’s not encrypted.
  • Route network traffic using routing tables or Border Gateway Protocol Border Gateway Protocol (BGP).
  • Filter network traffic using Network Security Groups (NSGs) or Network virtual appliances.
  • Connect virtual networks by linking virtual networks together by using virtual network peering, and user-defined Routing (UDR) to control the routing tables.

VPN Gateway can be either one of the following:

  • Policy-based VPNs uses a set of static IP address to define which packet goes trough the tunnel.
  • Route-based VPNs uses IPSec tunnel, which are modeled as a network interface or virtual tunnel interface. IP routing (either static routes or dynamic routing protocols) decides which one of these tunnel interfaces to use when sending each packet
Last modified on July 19, 2022
Edit this page on
← Microsoft Azure: Migration
Microsoft Azure: Observability →