Azure Virtual Network (VNet)Azure Virtual Network (VNet)A network or environment called an Azure Virtual Network (VNet) can be used to run virtual machines (VMs) and applications in the cloud.A network or environment called an Azure Virtual Network (VNet) can be used to run virtual machines (VMs) and applications in the cloud.
Once Azure services and virtual machines are built, they communicate securely.
The size, availability, and isolation that come with Azure's infrastructure are similar to those of a network you might run in your own data center.
Benefits of Using Azure Virtual Network
The network has a high level of security
You can run your applications in an isolated environment
Default access to the public internet is available to a subnet in a VNet
Traffic can easily be directed from resources
Simple yet sophisticated network topologies can be built with it
Azure Networking compoent -
Subnets, routing and Network Security GroupsSubnets, routing and Network Security Groups
Filter network traffic
Azure virtual networks enable you to filter traffic between subnets by using the following approaches:
: A network security group is an Azure resource that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic, based on factors such as source and destination IP address, port, and protocol.
: A network virtual appliance is a specialized VM that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing wide area network (WAN) optimization.
Virtual network peering
You can link virtual networks together by using virtual network peering. Peering enables resources in each virtual network to communicate with each other. These virtual networks can be in separate regions, which allows you to create a global interconnected network through Azure.
UDR is user-defined Routing or UDR is a significant update to Azure’s Virtual Networks as this allows network admins to control the routing tables between subnets within a subnet as well as between VNets thereby allowing for greater control over network traffic flow.
Communicate with on-premises resources
Azure virtual networks enable you to link resources together in your on-premises environment and within your Azure subscription. In effect, you can create a network that spans both your local and cloud environments. There are three mechanisms for you to achieve this connectivity:
: This approach is like a virtual private network (VPN) connection that a computer outside your organization makes back into your corporate network, except that it’s working in the opposite direction. In this case, the client computer initiates an encrypted VPN connection to Azure to connect that computer to the Azure virtual network.
: A site-to-site VPN links your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network. In effect, the devices in Azure can appear as being on the local network. The connection is encrypted and works over the internet.
: For environments where you need greater bandwidth and even higher levels of security, Azure ExpressRoute is the best approach. ExpressRoute provides dedicated private connectivity to Azure that doesn’t travel over the internet.
Route network traffic -
Route tablesRoute tables: A route table allows you to define rules about how traffic should be directed: A route table allows you to define rules about how traffic should be directed
Border Gateway ProtocolBorder Gateway Protocol: Border Gateway Protocol (BGP) works with Azure VPN gateways or ExpressRoute to propagate on-premises BGP routes to Azure virtual networks: Border Gateway Protocol (BGP) works with Azure VPN gateways or ExpressRoute to propagate on-premises BGP routes to Azure virtual networks
Communicate between Azure resources -
You’ll want to enable Azure resources to communicate securely with each other. You can do that in one of two ways:
: Virtual networks can connect not only VMs but other Azure resources, such as the App Service Environment for Power Apps, Azure Kubernetes Service, and Azure virtual machine scale sets.
: You can use service endpoints to connect to other Azure resource types, such as Azure SQL databases and storage accounts. This approach enables you to link multiple Azure resources to virtual networks to improve security and provide optimal routing between resources.