3. What is Microsoft Azure Virtual Network (VNet) ?
• The VNet service enables Azure resources to securely communicate with each other in a virtual network.
• A virtual network is a logical isolation of the Azure cloud dedicated to your subscription.
• You can connect virtual networks to other virtual networks, or to your on-premises network.
7. Connections to VNet
Point-to-site virtual private network (VPN): Established between a virtual network and a single PC in your
network.
Site-to-site VPN: Established between your VPN device and an Azure VPN Gateway deployed in a virtual
network. The connection is an IPSec/IKE VPN that provides encrypted communication over the Internet between
your on-premises device and the Azure VPN gateway. The latency for a site-to-site connection is unpredictable,
since the traffic traverses the Internet.
Azure ExpressRoute:Established between your network and Azure, through an ExpressRoute partner. This
connection is private. Traffic does not traverse the Internet.
8. Azure VPN gateway:
The VPN gateway service enables you to connect the VNet to the on-premises network through a VPN appliance.
Virtual network gateway. A resource that provides a virtual VPN appliance for the VNet. It is responsible for
routing traffic from the on-premises network to the VNet.
Local network gateway. An abstraction of the on-premises VPN appliance. Network traffic from the cloud
application to the on-premises network is routed through this gateway.
Connection. The connection has properties that specify the connection type (IPSec) and the key shared with the
on-premises VPN appliance to encrypt traffic.
Gateway subnet. The virtual network gateway is held in its own subnet, which is subject to various requirements.
9. Network virtual appliances:
• A network virtual appliance is a virtual machine running software that performs a network function, such as a
firewall.
• Network virtual appliances are also available that provide WAN optimization and other network traffic
functions.
• Network virtual appliances are typically used with user-defined or BGP routes.
• You can also use a network virtual appliance to filter traffic between virtual networks.
10. Network security groups
• A network security group can contain multiple inbound and outbound security rules
• This enables you to filter traffic by source and destination IP address, port, and protocol.
• You can apply a network security group to each network interface in a virtual machine.
• You can also apply a network security group to the subnet a network interface, or other Azure resource, is in.
11. Components outside VNet
On-premises network. A private local-area network running within an organization.
VPN appliance. A device or service that provides external connectivity to the on-premises network. The VPN
appliance may be a hardware device, or it can be a software solution such as the Routing and Remote Access
Service (RRAS) in Windows Server 2012.
12. Visit : www.zekeLabs.com for more details
THANK YOU
Let us know how can we help your organization to Upskill the
employees to stay updated in the ever-evolving IT Industry.
Get in touch:
www.zekeLabs.com | +91-8095465880 | info@zekeLabs.com