Chapter 5. Networking and Security on Microsoft Azure
In this chapter, let’s explore how networking on the Microsoft Azure public cloud platform enables connectivity and security throughout the variety of services and across all regions and Availability Zones. This includes the products and methods to secure your services on Azure and the ability to access Azure resources in Open Systems Interconnection (OSI) Layers 3 through 7.
Ensuring network and application access groups for your resources is particularly important in order to maintain infrastructure and application protection. The networking and security features discussed in this chapter are available throughout the entire Azure infrastructure, which ensures consistency and a simplified approach to defining your Azure deployment structure.
Core Networking and Security on Azure
The core features in the Azure networking environment we cover here include the following:
- Virtual networks
A virtual private cloud within the Azure cloud environment that is given private subnets and external access to other networks (including internet) using a gateway
- Application security groups (ASGs)
Role-based access control (RBAC) to allow granular access to applications or groups of applications
- Network security groups (NSGs)
Network-layer firewall to filter inbound and outbound traffic by network, port, and protocol
These three features come together to make up the isolated and highly secure environment for your virtual cloud within ...