Azure Networking features, NVAs and how to leverage them to design your network topology in Azure.

  • Article

I recently did the session with above title in Future Unleashed event and in Azure Vidyapeeth. You can view recording in Azure Vidyapeeth app or by registering here.

A whole set of features have been released in Azure such as NSGs, Forced Tunnelling, Load Balancers, multiple VIPs, Reserved and static IPs etc. In addition, features like User Defined Routes, IP Forwarding, multi NIC VMs have enabled many Network Virtual Appliances providers like CheckPoint, Barracuda, F5 to release their products in Marketplace. 

At the same time, not many people are aware of these features and how to use these features to build a secure network topology in Azure. Many times, I’ve heard people saying that it’s not easy building a secure network topology or DMZ in Azure as they are able to do in on-prem. This is not true. With all above feature, you can build a topology the way you want with security controls that you want. You can learn about all these new features and how to use these to build a DMZ like environment in Azure in the above session.

Also, if you are planning to secure your network topology. you must go through this white paper: Microsoft Cloud Services and Network Security. The white paper provides an overview of security and architectural issues that customers should consider when using Microsoft Cloud services accessed via ExpressRoute as well as creating secure services in Microsoft Azure’s Virtual Network. Then, it also provides example topologies and detailed step-by-step guidance (and scripts to build these topologies)