Book Image

Azure Networking Cookbook, Second Edition - Second Edition

By : Mustafa Toroman
Book Image

Azure Networking Cookbook, Second Edition - Second Edition

By: Mustafa Toroman

Overview of this book

Azure's networking services enable organizations to manage their networks effectively. With the Azure Networking Cookbook, you’ll see how Azure paves the way for an enterprise to achieve reliable performance and secure connectivity. This updated second edition will take you through the latest networking features in Azure. The book starts with an introduction to Azure networking, covering basics such as creating Azure virtual networks, designing address spaces, and creating subnets. You’ll create and manage network security groups, application security groups, and IP addresses in Azure using easy-to-follow recipes. As you progress through the book, you’ll explore various aspects such as DNS and routing, load balancers, Traffic Manager, and site-to-site, point-to-site, and VNet-to-VNet connections. This cookbook covers all the functions crucial to understanding cloud networking practices and being able to plan, implement, and secure your network infrastructure with Azure. You’ll not only upscale your current environment but also get well-versed with monitoring, diagnosing, and ensuring secure connectivity. The book will help you grasp best practices as you learn how to create a robust environment. By the end of this Azure cookbook, you’ll have gained hands-on experience developing cost-effective solutions that can facilitate efficient connectivity in your organization.

Related Content you might be interested in

Current Title:

Small book image
Azure Networking Cookbook, Second Edition - Second Edition
Mustafa Toroman
Dec, 2020 | 298 pages
Small book image
Hands-On Networking with Azure
Mohamed Waly
Mar, 2018 | 276 pages
Small book image
Designing and Implementing Microsoft Azure Networking Solutions
David Okeyode
Aug, 2023 | 524 pages
Small book image
Hands-On Cloud Administration in Azure
Mustafa Toroman
Oct, 2018 | 390 pages
Table of Contents (15 chapters)
Preface
Preface
About Azure Networking Cookbook, Second Edition
About the author
About the reviewers
Learning objectives
Audience
Approach
To get the most out of this book
Hardware requirements
Software requirements
Conventions
Download Resources
1
1. Azure Virtual Network
1. Azure Virtual Network
Technical requirements
Creating a virtual network in the Azure portal
Creating a virtual network with PowerShell
Adding a subnet in the Azure portal
Adding a subnet with PowerShell
Changing the address space size
Changing the subnet size
Free Chapter
2
2. Virtual machine networking
2. Virtual machine networking
Technical requirements
Creating Azure VMs
Viewing VM network settings
Creating a new NIC
Attaching an NIC to a VM
Detaching an NIC from a VM
3
3. Network Security Groups
3. Network Security Groups
Technical requirements
Creating a new NSG in the Azure portal
Creating a new NSG with PowerShell
Creating a new allow rule in an NSG
Creating a new deny rule in an NSG
Creating a new NSG rule with PowerShell
Assigning an NSG to a subnet
Assigning an NSG to a network interface
Assigning an NSG to a subnet with PowerShell
Creating an Application Security Group (ASG)
Associating an ASG with a VM
Creating rules with an NSG and an ASG
4
4. Managing IP addresses
4. Managing IP addresses
Technical requirements
Creating a new public IP address in the Azure portal
Creating a new public IP address with PowerShell
Assigning a public IP address
Unassigning a public IP address
Creating a reservation for a public IP address
Removing a reservation for a public IP address
Creating a reservation for a private IP address
Changing a reservation for a private IP address
Removing a reservation for a private IP address
Adding multiple IP addresses to an NIC
Creating a public IP prefix
5
5. Local and virtual network gateways
5. Local and virtual network gateways
Technical requirements
Creating a local network gateway in the Azure portal
Creating a local network gateway with PowerShell
Creating a virtual network gateway in the Azure portal
Creating a virtual network gateway with PowerShell
Modifying the local network gateway settings
6
6. DNS and routing
6. DNS and routing
Technical requirements
Creating an Azure DNS zone
Creating an Azure Private DNS zone
Integrating a virtual network with a private DNS zone
Creating a new record set in Azure DNS
Creating a route table
Changing a route table
Associating a route table with a subnet
Dissociating a route table from a subnet
Creating a new route
Changing a route
Deleting a route
7
7. Azure Firewall
7. Azure Firewall
Technical requirements
Creating a new firewall
Creating a new firewall with PowerShell
Configuring a new allow rule
Configuring a new deny rule
Configuring a route table
Enabling diagnostic logs for Azure Firewall
Configuring Azure Firewall in forced tunneling mode
Creating an IP group
Configuring Azure Firewall DNS settings
8
8. Creating hybrid connections
8. Creating hybrid connections
Technical requirements
Creating a Site-to-Site connection
Downloading the VPN device configuration from Azure
Creating a Point-to-Site connection
Creating a VNet-to-VNet connection
Connecting VNets using network peering
9
9. Connecting to resources securely
9. Connecting to resources securely
Technical requirements
Creating an Azure Bastion instance
Connecting to a virtual machine with Azure Bastion
Creating a virtual WAN
Creating a hub (in Virtual WAN)
Adding a Site-to-Site connection (in a virtual hub)
Adding a virtual network connection (in a virtual hub)
Creating a Private Link endpoint
Creating a Private Link service
10
10. Load balancers
10. Load balancers
Technical requirements
Creating an internal load balancer
Creating a public load balancer
Creating a backend pool
Creating health probes
Creating load balancer rules
Creating inbound NAT rules
Creating explicit outbound rules
11
11. Traffic Manager
11. Traffic Manager
Technical requirements
Creating a new Traffic Manager profile
Adding an endpoint
Configuring distributed traffic
Configuring traffic based on priority
Configuring traffic based on geographical location
Managing endpoints
Managing profiles
Configuring Traffic Manager with load balancers
12
12. Azure Application Gateway and Azure WAF
12. Azure Application Gateway and Azure WAF
Technical requirements
Creating a new application gateway
Configuring the backend pools
Configuring HTTP settings
Configuring listeners
Configuring rules
Configuring probes
Configuring a Web Application Firewall (WAF)
Customizing WAF rules
Creating a WAF policy
13
13. Azure Front Door and Azure CDN
13. Azure Front Door and Azure CDN
Technical requirements
Creating an Azure Front Door instance
Creating an Azure CDN profile
14
Index
Index

Creating an Azure Bastion instance

Azure Bastion allows us to connect securely to our Azure resources without additional infrastructure. All we need is a browser. It is essentially a PaaS service provisioned in our virtual network that provides a secure RDP/SSH connection to Azure Virtual Machines. The connection is made directly from the Azure portal over Transport Layer Security (TLS).

Getting ready

Before we can create an Azure Bastion instance, we must prepare the subnet.

In order to create a new subnet for Azure Bastion, we must do the following:

  1. Locate the virtual network that will be associated with our Azure Bastion instance.
  2. Select the Subnets option under Settings and select the option to add a new subnet, as shown in Figure 9.1:
    Selecting the Subnet option to add a new subnet

    Figure 9.1: Creating a new subnet for Azure Bastion

  3. In the new pane, we must fill in the Name and Address range fields. It's very important that the subnet is named AzureBastionSubnet and that the subnet uses a prefix...
Previous Section
End of Section 3
Next Section