Cloud Academy has just published another new course by Azure Curriculum Director Trevor Sullivan.
Trevor is a Microsoft MVP for Windows PowerShell and a passionate educator.
Microsoft Azure Virtual Network
This course explores the primary components offered by Microsoft Azure Virtual Network under Microsoft Azure Resource Manager (ARM). A strong understanding of these concepts is critical for anyone wanting to migrate to, or provision new infrastructure on, the Microsoft Azure public cloud platform.
In addition to covering Azure Virtual Network concepts, the course demonstrates the deployment and management of these services using the Microsoft Azure Portal, Cross-Platform (xPlat) CLI Tool, and the Azure Resource Manager PowerShell module.
The components offered by Azure Virtual Network are:
Virtual Networks – Using Microsoft Azure Virtual Networks, you can deploy Azure services such as infrastructure Virtual Machines (IaaS), Redis Cache, and Web Apps. Each Virtual Network can have more than one overarching address space defined, and is subdivided into one or more subnets.
Network Security Groups – These are essentially Layer 4 (OSI model) firewall rules that allow you to limit the flow of network traffic at the Subnet and individual Network Interface layers. Each Network Security Group can contain up to 200 individual Network Security Rules, which allow or deny traffic based on a variety of parameters, such as the source and destination IP addresses and ports, the network protocol, rule priority, and others. A Network Security Group must be created in the same Azure Region (Location) as the Virtual Network subnet that it will be associated with.
VPN Gateway – Using Microsoft Azure VPN Gateway, you can securely connect globally distributed Virtual Networks together, as well as extend on-premises networks into the cloud. This scenario is known as Site-to-Site (S2S) connectivity, and is also commonly called “hybrid networking.” You can also enable Point-to-Site (P2S) connectivity, where the “point” is a client device that connects directly to the Virtual Network, which enables private access to network resources over a secure Virtual Private Network (VPN) connection. The P2S model is particularly useful for deploying lab environments in Microsoft Azure that are only accessible through a private interface, or other cloud-based workloads that don’t require public access.
Load Balancer – Using the Microsoft Azure Load Balancer, you can build and deploy geographically distributed, high-performance, highly available applications. Load Balancers can be exposed publicly, through the use of a Public IP Address resource, or they can simply be deployed into a Virtual Network subnet for private, internal access. The Load Balancer health probe ensures the availability and health of the application on each endpoint. Endpoints are dynamically added to and removed from the Load Balancer’s rotation.
Route Tables – Microsoft Azure Virtual Networks support custom Route Tables, allowing you to shape the flow of cloud-based network traffic. One of the more common use cases of custom Route Tables is to route all network traffic through a Virtual Appliance that is responsible for ensuring the security of network traffic. A Route Table can be created, by itself, directly inside an ARM Resource Group, but it must be associated with a Virtual Network subnet in order to take effect on network traffic.
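To make the Network Security Group description above concrete, here is an added example (not from the course or from Microsoft) that models inbound rule evaluation and lints a rule set before deployment. The `Rule` class, `evaluate`, `lint`, and the `SAMPLE` rules are hypothetical names and constructed data; the 200-rule limit and the region check come from this page, and treating unmatched traffic as denied is a simplification of Azure's default rules.

```python
import ipaddress
from dataclasses import dataclass

MAX_RULES = 200  # per-NSG rule limit as stated on this page

@dataclass
class Rule:  # hypothetical model of one inbound Network Security Rule
    name: str
    priority: int   # lower number is evaluated first
    access: str     # "Allow" or "Deny"
    protocol: str   # "Tcp", "Udp" or "*"
    source: str     # CIDR prefix or "*"
    dest: str       # CIDR prefix or "*"
    dest_port: str  # "443", "1000-2000" or "*"

def _ip_match(prefix, ip):
    return prefix == "*" or ipaddress.ip_address(ip) in ipaddress.ip_network(prefix)

def _port_match(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def evaluate(rules, protocol, src_ip, dst_ip, dst_port):
    """Return (access, rule name) of the first match in ascending priority order."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (r.protocol in ("*", protocol) and _ip_match(r.source, src_ip)
                and _ip_match(r.dest, dst_ip) and _port_match(r.dest_port, dst_port)):
            return r.access, r.name
    return "Deny", "implicit-deny"  # simplification: unmatched traffic is dropped

def lint(rules, nsg_location, subnet_location):
    """Flag problems worth catching before the NSG is associated with a subnet."""
    findings = []
    if len(rules) > MAX_RULES:
        findings.append("rule-count-exceeds-limit")
    if nsg_location.lower() != subnet_location.lower():
        findings.append("region-mismatch")
    if len({r.priority for r in rules}) != len(rules):
        findings.append("duplicate-priority")
    for r in rules:  # management ports reachable from any source
        if r.access == "Allow" and r.source == "*" and any(
                _port_match(r.dest_port, p) for p in (22, 3389)):
            findings.append(f"open-management-port:{r.name}")
    return findings

SAMPLE = [  # constructed rules; addresses are documentation ranges
    Rule("deny-rdp-all", 100, "Deny", "Tcp", "*", "10.0.1.0/24", "3389"),
    Rule("allow-rdp-admin", 200, "Allow", "Tcp", "203.0.113.0/24", "10.0.1.0/24", "3389"),
    Rule("allow-https", 300, "Allow", "Tcp", "*", "10.0.1.0/24", "443"),
    Rule("allow-ssh-any", 400, "Allow", "Tcp", "*", "10.0.1.0/24", "22"),
]
```

In the sample, the admin RDP rule never takes effect because the broader deny rule has a lower priority number and matches first.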
This new course follows two other new Azure courses and we anticipate many more to come in the weeks and months ahead. Join Trevor and dive into Azure Virtual Network concepts, deployment, and management!
As always, questions and comments are welcome. We never stop learning and hope you won’t either.