AZ-104: Microsoft Azure Administrator
AZ-104 Bootcamp | Day 4 | Networking
Heyy Folks!!
I am currently attending the AZ-104 Microsoft Azure Administrator Bootcamp which is organised by Azure Developer Community in collaboration with
From a broad point of view, the session consisted of two parts —
1. First phase was all about the Virtual Networking:
Virtual networks, creation of virtual subnets, multiple subnet creation, Azure DNS, service endpoints etc.
2. Second phase of the session focused on Network Traffic Management: Azure load balancer, application gateway, creating a standard load balancer with Azure CLI, and more.
Networking in Azure
Before going deeper, let's first look at what Azure is and what networking in Azure actually means.
Microsoft Azure is an open cloud computing platform that provides various cloud services, including Compute, Networking, Storage, Databases, Artificial Intelligence, DevOps and many more. Now, let's jump straight to Azure Networking.
The key function of Azure Networking is to link compute resources and provide access to applications. Networking in Azure includes a variety of methods to connect the outside world to the Azure datacenters.
Azure provides a wide range of networking services. These include:
— Azure Virtual Network
— Azure Application Gateway and VPN Gateway
— Azure DNS
— Azure CDN (Content Delivery Network)
— Azure Traffic Manager
— Azure DDoS Protection
and many more….
Azure Virtual Networking
Azure Virtual Networking connects virtual machines, applications and databases so that they can interact with each other, and with users, in a secure manner.
This simply means that we can create our own virtual network and define our own IP address range for it. We can then deploy our own Azure resources, such as virtual machines, into that network. A contiguous block of IP addresses is used to create each subnet.
Now let's look at some key components of an Azure VNet.
Azure Subnet
First, we must know what a subnet is. A subnet is a range of IP addresses within a network. A virtual network can be divided into multiple subnets. If we deploy a virtual machine, a web application and any other resource into a single subnet, these resources can communicate securely with each other without any further requirement. A subnet's IP address range is part of the address block of its virtual network, and any resource in the subnet is assigned an IP address from that subnet's range only.
Microsoft Azure also provides some methods for network security. Some of them are described below.
Network Security Group
A Network Security Group (NSG) is a collection of security rules for inbound and outbound network traffic. An NSG can be applied at any level of the network. Each security rule has properties such as:
- A unique name within the NSG
- Priority order of the security rules
- IP address of source and destination
- Protocol (TCP/UDP etc. )
- Range of ports
- Allow or deny action
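How these properties combine when traffic arrives, as an added example that is not from the bootcamp material or from Azure's own code: rules are checked in priority order, lowest number first, and the first match decides. The rule names, addresses and the `evaluate` / `exposed_to_internet` helpers are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str         # unique within the NSG
    priority: int     # lower number is evaluated first
    source: str       # CIDR prefix or "*"
    destination: str  # CIDR prefix or "*"
    protocol: str     # "Tcp", "Udp" or "*"
    ports: range      # destination port range
    action: str       # "Allow" or "Deny"

def _ip_match(prefix, ip):
    return prefix == "*" or ipaddress.ip_address(ip) in ipaddress.ip_network(prefix)

def evaluate(rules, src, dst, protocol, port):
    """Return (action, rule name) of the first rule, in priority order, that matches."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (_ip_match(r.source, src) and _ip_match(r.destination, dst)
                and r.protocol in ("*", protocol) and port in r.ports):
            return r.action, r.name  # first match wins; later rules are not consulted
    # Simplification: of Azure's default inbound rules only the final
    # DenyAllInBound is modelled, which is what internet-sourced traffic reaches.
    return "Deny", "DenyAllInBound"

def exposed_to_internet(rules, dst, ports, probe_src="198.51.100.7"):
    """Audit helper: which of `ports` does an arbitrary outside address reach over TCP?"""
    hits = {}
    for p in ports:
        action, name = evaluate(rules, probe_src, dst, "Tcp", p)
        if action == "Allow":
            hits[p] = name
    return hits

# Constructed sample NSG for a web subnet 10.0.1.0/24 (all values are made up).
WEB_NSG = [
    Rule("allow-https", 100, "*", "10.0.1.0/24", "Tcp", range(443, 444), "Allow"),
    Rule("allow-ssh-admin", 200, "203.0.113.0/24", "10.0.1.0/24", "Tcp", range(22, 23), "Allow"),
    Rule("deny-ssh-any", 210, "*", "10.0.1.0/24", "Tcp", range(22, 23), "Deny"),
    Rule("allow-all-temp", 300, "*", "10.0.1.0/24", "*", range(0, 65536), "Allow"),
]

if __name__ == "__main__":
    print(evaluate(WEB_NSG, "203.0.113.9", "10.0.1.4", "Tcp", 22))
    print(exposed_to_internet(WEB_NSG, "10.0.1.4", [22, 443, 3389]))
```

The audit shows that SSH stays closed to outside addresses because the deny at priority 210 is reached before the broad allow at 300, while port 3389 is opened by that same broad rule.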
Service Endpoints
A Service Endpoint lets virtual network resources connect to a public endpoint of an Azure service using private IP addresses. This simply means that traffic is routed through the Azure backbone network rather than the internet to reach the service resource.
Azure Network Traffic Management
Network traffic management refers to analysing network traffic, redirecting it, and keeping traffic flowing optimally across the network. In Azure terms, Azure Traffic Manager is a DNS-based traffic load balancer. It distributes traffic and ensures high availability and quick responsiveness.
Azure Load Balancer
Azure Load Balancer is used to distribute incoming traffic to the virtual machines. It also prevents traffic from being routed to a failed virtual machine, which makes our application more reliable and fault tolerant.
Azure Application Gateway
Azure Application Gateway is another type of load balancer. It is a web-based load balancer that is responsible for managing traffic to our application. It operates at the transport layer, i.e. Layer 4 of the OSI model, using the TCP and UDP protocols. It manages traffic on the basis of the source and destination IP addresses and the ports.
Conclusion
Overall, the session was very interactive while also being informative. The learnings from the session are quite a lot. Great appreciation to Azure Developer Community and the entire team. Also, many thanks to Whizlabs for their support. I have tried to share all the knowledge I could through this blog.
See you soon!!