Now that we understand what Azure virtual WAN is and the problems it solves, let's move on to some technical terms. I know vocabulary may not sound that exciting, but it's important to understand the components that make up Azure virtual WAN, as well as what services are included with the two available types of Azure virtual WAN. Let's start with services and the first service is virtual WAN.

A virtual WAN is a collection of resources that make up a virtual WAN service. Resources in a virtual WAN can communicate with each other. There can be multiple virtual WANs in a subscription, but resources located in different virtual WANs will not communicate with each other by default. A virtual WAN is also an administrative boundary. Hubs are created within a virtual WAN. A hub is a virtual network managed by Azure. Part of the advantage of a hosted service is that we don't have to manage all the services involved. For a virtual WAN and the hubs contained inside it, we don't have to be concerned with all the routing, redundant connections and interconnections between regions. That's all part of the hubs in a virtual WAN.

A hub connects endpoints from other networks. For example, a VPN gateway endpoint can host a connection from an on-premises VPN appliance. We can connect ExpressRoute circuits or client VPN connections to the hub as well. Hubs are at the core of a virtual WAN network in a region. We can use single or multiple hubs per region. All the hubs in a virtual WAN are connected with a hub-to-hub connection by default. A hub can connect to VNets with a hub virtual network connection or use gateways to connect different types of endpoints, site-to-site VPN for remote branches, point-to-site VPN for end users, and to ExpressRoute for connecting ExpressRoute circuits to Azure virtual WAN. There's another option called a network virtual appliance or NVA that directly integrates into a hub and provides connectivity for software-defined WAN or SD WAN.

Custom routing can be added to the hub route table, providing granular control of network routing in the environment with BGP and static routes. The different connections and services Azure virtual WAN offers provides flexible options for integrating with existing networks. The exact features in an Azure virtual WAN depend on the SKU or type of virtual WAN we deploy. There are two options when deploying a virtual WAN, basic and standard. A basic virtual WAN and hub only provides site-to-site connectivity. The other type is a standard virtual WAN hub. This hub type supports ExpressRoute, user VPN, site-to-site VPN, inter-hub and VNet to VNet connectivity through the virtual hub, Azure Firewall, and a network virtual appliance in the virtual WAN. If you deploy a basic hub, it can be upgraded to a standard hub. However, you cannot downgrade a standard hub to basic. Now that we have an overview of Azure virtual WAN and an understanding of the components and services that make up the product, let's move on to implementing Azure virtual WAN.