1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Getting Started with Azure Virtual Networks

Communications

The course is part of these learning paths

Microsoft Azure for Solution Architects
course-steps
27
certification
10
lab-steps
14
AZ-303 Exam Preparation: Technologies for Microsoft Azure Architects
course-steps
28
certification
7
lab-steps
13
description
1
AZ-104 Exam Preparation: Microsoft Azure Administrator
course-steps
21
certification
7
lab-steps
16
3 Pillars of the Azure Cloud
course-steps
4
certification
1
lab-steps
1
more_horizSee 2 more
play-arrow
Start course
Overview
Difficulty
Intermediate
Duration
1h 5m
Students
782
Ratings
4.6/5
starstarstarstarstar-half
Description

This course explores Azure Virtual Networks, how to create them, and how to connect them. It begins with a vNet overview and you'll learn about basic Azure Virtual Network concepts and about some key best practices. We'll cover communications topics, filtering, routing, and integration, before working through a demo that shows you how to deploy a virtual network in Microsoft Azure.

After covering the basics of Azure Virtual Networks in the first half of this course, we'll use the second half to dive into VPNs, where you'll learn about site-to-site VPNs, point-to-site VPNs, ExpressRoute, and vNet peering. You'll also watch a demonstration from the Azure platform that shows you how to peer two vNets in Azure. 

If you have any feedback relating to this course, feel free to contact us at support@cloudacademy.com.

Learning Objectives

  • Obtain a foundational understanding of Azure Virtual Networks including key concepts, best practices, communications, filtering, routing, and integration
  • Provision a virtual network
  • Understand what the Azure VPN Gateway is and what it does
  • Build a site-to-site VPN
  • Learn how to connect a single client computer to a virtual network using a point-to-site VPN gateway
  • Learn how to connect your on-premise network to Azure using ExpressRoute
  • Learn how to peer two Azure Virtual Networks

Intended Audience

This course is intended for anyone who wants to learn about Azure Virtual Networks, how to create them, and how to connect them.

Prerequisites

To get the most out of this course, you should have a basic understanding of the Azure platform and networking in general.

Transcript

Welcome to Communications! In this lesson, we are going to take a look at the different ways that Azure virtual networks facilitate communication.

The purpose of virtual networks in Azure is to allow Azure resources to securely communicate with one another, with the internet, and with on-prem networks.

By default, all resources that are connected to a virtual network can communicate outbound to the internet. To enable inbound communication from the internet to an Azure resource, you can either assign a public IP address to that resource OR you can by provisioning a public load balancer.

Communication between Azure resources can be achieved in a few different ways. For example, virtual machines and other types of Azure resources like Scale sets and App Service Environments can be deployed to a virtual network, which, in turn, allows for secure communications among those resources. 

Virtual network service endpoints can also be used to facilitate communications.  What a virtual network service endpoint does is allow you to extend a virtual network’s private address space and identity to certain Azure resources, like Azure Storage accounts and Azure SQL databases, over a direct connection. Service endpoints allow you to secure such Azure resources to only a virtual network.

vNet peering is another way that you can facilitate communication between Azure resources. When you peer a virtual network with another virtual network, what you are doing is connecting the two virtual networks together. When you do this, you allow azure resources on one virtual network to talk to the other virtual network that you are peered with.

When you need to connect your Azure virtual network to an on-prem network, you can use a point-to-site VPN, a site-to-site VPN, or ExpressRoute.

A point-to-site VPN allows you to establish a connection between a single computer in your on-prem network and your virtual network. When you use point-to-site connections to facilitate communication, you need to setup a separate point-to-site connection for each on-prem computer that needs to connect to the Azure virtual network. These types of connections are often used to allow remote workers to connect into your Azure virtual network so they can access Azure resources. This type of connection allows communication between the individual computer and your virtual network through an encrypted tunnel over the internet.

When you want to connect an entire on-prem network to an Azure virtual network, you can use a site-to-site VPN. This type of VPN establishes a secure, encrypted connection over the internet between an Azure VPN Gateway that’s deployed in the virtual network and the on-prem VPN device. 

If a more robust connection is needed between Azure and your on-prem network, you can deploy an Azure ExpressRoute connection. An Azure ExpressRoute connection is a private connection between your on-prem network and your Azure environment. The traffic does not flow over the internet. This type of connection is established through an ExpressRoute partner.

So, before we dive into the next lesson, let’s just recap. 

Virtual networks are used to facilitate communication with the internet, communication between Azure resources, and communication with an on-prem environment. Outbound communication to the internet is available by default, while inbound communications from the internet are achieved via a public load balancer or public IP address.

Communications between azure resources is achieved through a virtual network, a virtual network service endpoint, or through vNet peering.

To establish communications between an Azure environment and an on-prem environment, you can deploy a point-to-site VPN, and site-to-site VPN, or an Azure ExpressRoute connection.

Join me in the next lesson, where we will look at filtering, routing, and integration.

About the Author
Avatar
Thomas Mitchell
Instructor
Students
33567
Courses
42
Learning Paths
15

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.