Book Image

Implementing Azure Cloud Design Patterns

By : Oliver Michalski, Stefano Demiliani
Book Image

Implementing Azure Cloud Design Patterns

By: Oliver Michalski, Stefano Demiliani

Overview of this book

A well designed cloud infrastructure covers factors such as consistency, maintenance, simplified administration and development, and reusability. Hence it is important to choose the right architectural pattern as it has a huge impact on the quality of cloud-hosted services. This book covers all Azure design patterns and functionalities to help you build your cloud infrastructure so it fits your system requirements. This book initially covers design patterns that are focused on factors such as availability and data management/monitoring. Then the focus shifts to complex design patterns such as multitasking, improving scalability, valet keys, and so on, with practical use cases. The book also supplies best practices to improve the security and performance of your cloud. By the end of this book, you will thoroughly be familiar with the different design and architectural patterns available with Windows Azure and capable of choosing the best pattern for your system.
Table of Contents (16 chapters)
Title Page
Dedication
Packt Upsell
Contributors
Preface
Index

Security


If we are dealing with the subject of Azure networking, we must not forget the area of security.

As a tool for this, Azure networking offers the following options:

  • NSG
  • Application security groups

NSG

An NSG contains a list of rules that allow or deny network traffic for resources associated with VNets.

Currently, there are the following types of NSGs:

  • NSG applied to a NIC
  • NSG applied to a subnet
  • NSG applied to a VM (only available in a classical deployment)

If an NSG is associated with a subnet, the rules apply to all resources that are connected to the subnet. However, you can further restrict your data traffic by setting up NSGs for NICs or VMs.

An NSG cannot be used concurrently with an endpoint access control list (ACL). We come next to the keyword rules, or rather NSG rules. In principle, rules are offered in two categories, namely rules for incoming traffic and rules for outgoing traffic. As an action for all rules, only the following operations are possible: allow traffic – deny traffic...