Virtual Network Connectivity
Azure Front Door Service
Network Security Groups
Application Security Groups
Remote Access Management
The course is part of these learning paths
This course covers how to implement Azure network security. Through a combination of both theory and practical demonstrations, you will learn how to create and configure a range of Azure services designed to keep your network secure.
This includes topics such as virtual network connectivity, the Azure Front Door Service, NSG configuration, Azure firewall configuration, and application security groups. The course then moves on to the configuration of remote access management via just-in-time access and tools that are used to configure baselines.
We’d love to get your feedback on this course, so please give it a rating when you’re finished. If you have any queries or suggestions, please contact us at firstname.lastname@example.org.
- Understand how to implement Azure network security
- Learn about the various Azure services and methodologies available to secure your network
This course is intended for IT professionals who are interested in earning Azure certification and for those who work with Microsoft Azure on a daily basis.
To get the most from this course, you should have at least a basic understanding of Azure network resources such as virtual networks, Azure firewalls, and network security groups.
The Azure Front Door Service is an offering from Microsoft that allows you to define, manage, and monitor the global routing for web traffic. It optimizes for best performance and offers instant global failover for high availability. Azure Front Door allows organizations to transform their multi-region apps, both consumer and enterprise grade, into high-performance applications, APIs, and content that can reach a global audience through Azure.
Azure Front Door works at Layer 7, the HTTP/HTTPS layer. By leveraging the anycast protocol with split TCP and Microsoft's global network, it improves global connectivity. When properly configured, Azure Front Door will route client requests to the fastest and most available application backend, which is defined as any Internet-facing service hosted inside or outside of Azure.
Front Door offers several traffic-routing methods and backend health monitoring options to choose from. That being the case, it meets the needs of many different applications and automatic failover models. Like Azure's Traffic Manager offering, Azure Front Door is resilient to failures, including the failure of an entire Azure region.
Azure Front Door accelerates app performance by ensuring end users connect to the nearest Front Door Point of Presence when accessing the application. The Front Door Service uses smart health probes to monitor the backends for latency and availability. When a backend goes down, the app is instantly and automatically failed over.
Through URL-based routing, Azure Front Door allows organizations to route traffic to backend pools based on URL paths of the requests. You can even configure more than one website on the same Front Door configuration. What this does is offer you the ability to configure a more efficient topology for app deployments.
By leveraging session affinity, Azure Front Door allows you to keep a user session on the same application backend. Front Door managed cookies ensure that subsequent traffic from a user session gets directed to the same application backend for processing. Session affinity is useful in situations where session state is saved locally on the backend for a user session.
Front Door also supports SSL termination at the edge. What this means is that individual users can establish SSL connections directly with Front Door environments rather than establishing those connections with the application's backend. One caveat of the Front Door Service is that when you use it to deliver content, you must use a custom domain if you wish to have your domain name visible in the Front Door URL. I should also note that Front Door also supports HTTPS for custom domain names.
Other features of Azure Front Door include things like custom web application firewall rules, URL redirection, URL rewrite, IPv6 and HTTP/2 protocol support.
In the next lesson, I'm going to show you how to create and configure Azure Front Door.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.