IP Addresses & Subnets
IP Addresses & Subnets
1h 26m

This course covers how to implement Azure network security. Through a combination of both theory and practical demonstrations, you will learn how to create and configure a range of Azure services designed to keep your network secure.

This includes topics such as virtual network connectivity, the Azure Front Door Service, NSG configuration, Azure firewall configuration, and application security groups. The course then moves on to the configuration of remote access management via just-in-time access and tools that are used to configure baselines.

We’d love to get your feedback on this course, so please give it a rating when you’re finished. If you have any queries or suggestions, please contact us at

Learning Objectives

  • Understand how to implement Azure network security
  • Learn about the various Azure services and methodologies available to secure your network

Intended Audience

This course is intended for IT professionals who are interested in earning Azure certification and for those who work with Microsoft Azure on a daily basis.


To get the most from this course, you should have at least a basic understanding of Azure network resources such as virtual networks, Azure firewalls, and network security groups.



Resources like VMs and load balancers that live on a virtual network require unique IP addresses, just like any resource on a physical network.

In Azure, virtual networks use two types of IP addresses: private and public.

A private IP can be either dynamically or statically allocated to a VM from the range of IP addresses that's been defined for a given virtual network. These addresses are then used by resources to communicate with one another. Public IPs allow Azure resources to communicate externally with resources that do not reside on the virtual network. Public IPs are assigned to the virtual adapter of a VM or to the front end of a load balancer.

Public IP addresses can also be used within Azure-only virtual networks. When used in this fashion, the IPs within the virtual network will only be routable within the network itself. They will not be reachable from the outside.

The IP addresses that are dynamically assigned to VMs and other services within an Azure virtual network are determined by the IP addressing scheme that's deployed. This process of IP range planning is not all that different than how you would plan the addressing scheme of a physical network.

As mentioned earlier, a virtual network can be subdivided using subnets. Each subnet consists of its own range of IP addresses that fall within the address space defined for the parent virtual network.

You use subnetting to mask the details of the internal network organization from external routers. It also makes it easier to segment the hosts within a network and to more effectively apply network security.

About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.