CloudAcademy
  1. Home
  2. Content Library
  3. Microsoft Azure
  4. Courses
  5. Microsoft Azure Virtual Network

Course Introduction

The course is part of this learning path

Azure Services for Security Engineers

course-steps 3 lab-steps 3 quiz-steps 3

Contents

keyboard_tab
Course Introduction
1
Course Introduction1m 4s
Microsoft Azure Virtual Network
2
Microsoft Azure Virtual Network Architecture8m 48s
3
Demo: Create a Virtual Network using the Azure Portal4m 42s
4
Demo: Create a Virtual Network using xPlat CLI6m 59s
5
Demo: Create a Virtual Network using PowerShell15m 2s
Network Security Groups
6
Network Security Group Overview11m 53s
7
Demo: Deploy a Network Security Group using Azure Portal6m 56s
8
Demo: Deploy a Network Security Group using xPlat CLI7m 36s
9
Demo: Deploy a Network Security Group using PowerShell11m 17s
VPN Gateway
10
VPN Gateway Overview10m 2s
11
Demo: VNet-to-VNet VPN using Azure Portal9m 44s
Load Balancer
12
Load Balancer Overview6m 3s
13
Demo: Deploy and Test Load Balancer using Azure Portal21m 55s
Route Tables
14
Route Table Overview4m 14s
15
Demo: Route Tables with Azure Portal6m 45s
16
Demo: Create Route Tables with xPlat CLI8m 28s
17
Demo: Create Route Tables with PowerShell8m 23s
play-arrow
Start course
Overview
Transcript
DifficultyIntermediate
Duration2h 30m
Students622

Description

During this course, we will explore the primary components that are offered by Microsoft Azure Virtual Network under Microsoft Azure Resource Manager (ARM). This is sometimes known as IaaSv2. For the sake of clarity, this course does not cover IaaSv1, which is Microsoft Azure infrastructure services provisioned using the Azure Service Management (ASM) REST API. In addition to covering Azure Virtual Network concepts, we'll also demonstrate the deployment and management of these services using the Microsoft Azure Portal, Cross-Platform (xPlat) CLI Tool, and the Azure Resource Manager PowerShell module.

The components offered by Azure Virtual Network are:

Virtual Networks - Using Microsoft Azure Virtual Networks, you can deploy Azure services such as infrastrucutre Virtual Machine (IaaS), Redis Cache, and Web Apps. Each Virtual Network can have more than one overarching address space defined, and is subdivided into one or more subnets.

Network Security Groups - These are essentially Layer 4 (OSI model) firewall rules that allow you to limit the flow of network traffic at the Subnet and individual Network Interface layers. Each Network Security Group can contain up to 200 individual Network Security Rules, which allow or deny traffic, based on a variety of parameters, such as the source / destination IP address and ports, the network protocol, rule priority, and others. Network Security Groups must be created in the same Azure Region (Location) as the Virtual Network subnet that it will be associated with.

VPN Gateway - Using Microsoft Azure VPN Gateway, you can securely connect globally-distributed Virtual Networks together, as well as extending on-premises networks into the cloud. This scenario is known as Site-to-Site (S2S) connectivity, and is also commonly called "hybrid networking." You can also enable Point-to-Site (P2S) connectivity, where the "point" is a client device that connects directly to the Virtual Network, and and enables private access to network resources over a secure Virtual Private Network (VPN) connection. The P2S model is particularly useful for deploying lab environments in Microsoft Azure, that are only accessible through a private interface, or other cloud-based workloads that don't require public access.

Load Balancer - Using the Microsoft Azure Load Balancer, you can build and deploy geographically distributed, high performance, highly available applications. Load Balancers can be exposed publicly, through the use of a Public IP Address resource, or they can simply be deployed into a Virtual Network subnet for private, internal access. The Load Balancer health probe ensures the availability and health of the application, on each endpoint. Endpoints are dynamically added and removed from the Load Balancer's rotation.

Route Tables - Microsoft Azure Virtual Networks support custom Route Tables, allowing you to shape the flow of cloud-based network traffic. One of the more common use cases of custom Route Tables is to route all network traffic through a Virtual Appliance that is responsible for ensuring the security of network traffic. A Route Table can be created, by itself, directly inside an ARM Resource Group, but it must be associated with a Virtual Network subnet in order to take effect on network traffic.

Join us as we dive into Azure Virtual Network concepts, deployment, and management!

If you have thoughts or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

About the Author

Trevor Sullivan is a Microsoft MVP for Windows PowerShell, and enjoys working with cloud and automation technologies. As a strong, vocal veteran of the Microsoft-centric IT field since 2004, Trevor has developed open source projects, provided significant amounts of product feedback, authored a large variety of training resources, and presented at IT functions including worldwide user groups and conferences.