April 2018
Intermediate to advanced
418 pages
9h 41m
English
Content preview from Architecting Microsoft Azure Solutions: Exam Guide 70-535
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
DMZ
A demilitarized zone (DMZ) or perimeter network is a physical or logical boundary between the internal and the external network of an organization. The external network can be the internet. The purpose is to add an additional security layer to the internal network. You don't open any ports from the internal network to the internet, but only to the DMZ. Azure offers multiple features that you can use to create a DMZ, such as Network Security Groups (NSGs), firewalls, and User Defined Routes (UDRs).
The following diagram shows an example of a physical DMZ created using a frontend VNet with two VMs in it. Only this VNet is connected to the internet.
Simple DMZ example