The course is part of this learning path
This introduction to the AZ-700 learning path gives an overview of the requirements for the Microsoft AZ-700 Azure Network Engineer exam and how they will be covered.
The five major subject areas are:
- Design, implement, and manage hybrid networking
- Design and implement core networking infrastructure
- Design and implement routing
- Secure and monitor networks
- Design and implement private access to Azure services
Hello and welcome to Designing and Implementing Azure Network Solutions. The purpose of this learning path is to prepare you for Microsoft’s AZ-700 exam. If you pass the AZ-700 exam, then you’ll earn the Azure Network Engineer Associate certification.
My name’s Guy Hummel and I’m a Microsoft Certified Azure Architect and Network Engineer. The AZ-700 exam tests your knowledge of five subject areas. Here’s how we’ll cover them in this learning path.
We’ll start with hybrid networking. Most Microsoft customers already have existing infrastructure in on-premises locations and need to connect that infrastructure to Azure. There are two primary methods of doing this: Azure ExpressRoute and Azure VPN. ExpressRoute gives you a dedicated connection to Azure that doesn’t go over the internet.
With Azure VPN, you create encrypted connections to Azure over the internet. There are two different kinds of Azure VPN implementations: site-to-site and point-to-site. With site-to-site, you connect an entire on-premises location to Azure. With point-to-site, you connect individual devices to Azure.
The next section is about core networking infrastructure. The heart of Azure networking is the virtual network (or VNet). You’ll learn how to create VNets, set up name resolution using Azure DNS, connect two virtual networks together using VNet peering, and create a wide area network using Azure Virtual WAN.
After that, we’ll cover routing. As you’d expect, Azure supports user-defined routes in its virtual networks, but this section includes far more than that. One big topic is load balancing. You’ll learn how to use Azure Load Balancer to distribute traffic to pools of virtual machines, which is a good way to scale up your compute resources for an application and make it highly available.
Microsoft also offers another type of load balancer called Azure Application Gateway. It operates at the application layer of the networking stack because it routes HTTP or HTTPS traffic. This lets you do some cool things like route traffic based on keywords in an application’s URL.
Those two services operate within a particular Azure region. If you need to load balance across multiple regions, then you need to use either Azure Traffic Manager or Azure Front Door to direct traffic to your regional load balancers. The difference between them is similar to the difference between Load Balancer and Application Gateway. Traffic Manager routes all types of traffic but in a simple way. Front Door operates at the HTTP layer, so it can route based on the URL and perform other optimizations for web-based applications.
The final part of the routing section covers Azure Virtual Network NAT. You can use this service to do network address translation, which lets you put multiple private IP addresses behind a single public IP address.
In the next section, you’ll learn how to secure and monitor your networks. For security, Microsoft offers several types of firewalls: Azure Firewall, network security groups (or NSGs), and Azure Web Application Firewall. Network monitoring is provided primarily by Azure Network Watcher.
In the final section, you’ll learn how to configure private access to Azure services. This includes private endpoints, service endpoints, and VNet integration. These are all methods that let a VNet connect to Azure services over the Microsoft backbone network rather than over the internet.
Now, are you ready to become an Azure network engineer? Then let’s get started! To get to the next course in this learning path, click on the Learning Path pullout menu on the left side of the page. But please remember to rate this introduction before you go on to the next course. Thanks!
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).