Book Image

Azure Networking Cookbook

By : Mustafa Toroman

Book Image

Azure Networking Cookbook

By: Mustafa Toroman

Overview of this book

Microsoft provides organizations with an effective way of managing their network with Azure's networking services. No matter the size of your organization, Azure provides a way to highly reliable performance and secure connectivity with its networking services. The book starts with an introduction to the Azure networking like creating Azure virtual networks, designing address spaces and subnets. Then you will learn to create and manage network security groups, application security groups, and IP addresses in Azure. Gradually, we move on to various aspects like S2S, P2S, and Vnet2Vnet connections, DNS and routing, load balancers and traffic manager. This book will cover every aspect and function required to deliver practical recipes to help readers learn from basic cloud networking practices to planning, implementing, and securing their infrastructure network with Azure. Readers will not only be able to upscale their current environment but will also learn to monitor, diagnose, and ensure secure connectivity. After learning to deliver a robust environment readers will also gain meaningful insights from recipes on best practices. By the end of this book, readers will gain hands-on experience in providing cost-effective solutions that benefit organizations.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Azure Virtual Network

Azure Virtual Network

Technical requirements

Creating a virtual network in the portal

Creating a virtual network with PowerShell

Adding a subnet in the portal

Adding a subnet with PowerShell

Changing the address space size

Changing the subnet size

Virtual Machine Networking

Virtual Machine Networking

Technical requirements

Creating Azure VMs

Viewing VM network settings

Creating a new network interface

Attaching a network interface to a VM

Detaching a network interface from a VM

Network Security Groups

Network Security Groups

Technical requirements

Creating a new NSG in a portal

Creating a new NSG with PowerShell

Creating a new allow rule in NSG

Creating a new deny rule in NSG

Creating a new NSG rule with PowerShell

Assigning an NSG to a subnet

Assigning an NSG to a network interface

Assigning an NSG with PowerShell

Creating an Application Security Group (ASG)

Associating an ASG with a VM

Creating rules with an NSG and an ASG

Managing IP Addresses

Managing IP Addresses

Technical requirements

Creating a new public IP address in the portal

Creating a new public IP address with PowerShell

Assigning a public IP address

Unassigning a public IP address

Creating a reservation for a public IP address

Removing a reservation for a public IP address

Creating a reservation for a private IP address

Changing a reservation for a private IP address

Removing a reservation for a private IP address

Local and Virtual Network Gateways

Local and Virtual Network Gateways

Technical requirements

Creating a local network gateway in the portal

Creating a local network gateway with PowerShell

Creating a virtual network gateway in the portal

Creating a virtual network gateway with PowerShell

Modifying the local network gateway settings

Creating Hybrid Connections

Creating Hybrid Connections

Technical requirements

Creating a Site-2-Site connection

Downloading the VPN device configuration from Azure

Creating a Point-2-Site connection

Creating a VNet-2-VNet connection

Connecting VNets using network peering

DNS and Routing

DNS and Routing

Technical requirements

Creating an Azure DNS zone

Creating a new record set and record in Azure DNS

Creating a route table

Changing the route table

Associating a route table to a subnet

Dissociating a route table from the subnet

Creating a new route

Changing a route

Deleting a route

Load Balancers

Technical requirements

Creating an internal load balancer

Creating a public load balancer

Creating a backend pool

Creating health probes

Creating load balancer rules

Creating inbound Network Address Translation (NAT) rules

Traffic Manager

Traffic Manager

Technical requirements

Creating a new Traffic Manager profile

Adding an endpoint

Configuring distributed traffic

Configuring traffic based on priority

Configuring traffic based on geographical location

Managing endpoint

Managing profiles

Configuring Traffic Manager with load balancers

Azure Application Gateway

Azure Application Gateway

Technical requirements

Creating a new application gateway

Configuring the backend pool

Creating HTTP settings

Creating a listener

Creating a rule

Creating a probe

Configuring a WAF

Customizing WAF rules

Azure Firewall

Technical requirements

Creating a new Azure Firewall

Configuring a new allow rule

Configuring a new deny rule

Configuring a route table

Enabling diagnostic logs for Azure Firewall

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Creating Hybrid Connections

Hybrid connections allow us to create secure connections with Azure VNets. These connections can either be from on-premises or from other Azure VNets. Establishing connections to Azure VNet enables secure network traffic with other services that are located in different Azure VNets, different subscriptions, or outside Azure (in different clouds or on-premises). Using secure connections removes the need for publicly exposed endpoints that present a potential security risk. This is especially important when we consider management, where opening public endpoints creates a security risk and presents a major issue. For example, if we consider managing virtual machines, it's a common practice to use either Remote Desktop Protocol (RDP) or PowerShell for management. Exposing these ports to public access presents a great risk. A best practice is to disable...