Book Image

Implementing Azure Cloud Design Patterns

By : Oliver Michalski, Stefano Demiliani
Book Image

Implementing Azure Cloud Design Patterns

By: Oliver Michalski, Stefano Demiliani

Overview of this book

A well designed cloud infrastructure covers factors such as consistency, maintenance, simplified administration and development, and reusability. Hence it is important to choose the right architectural pattern as it has a huge impact on the quality of cloud-hosted services. This book covers all Azure design patterns and functionalities to help you build your cloud infrastructure so it fits your system requirements. This book initially covers design patterns that are focused on factors such as availability and data management/monitoring. Then the focus shifts to complex design patterns such as multitasking, improving scalability, valet keys, and so on, with practical use cases. The book also supplies best practices to improve the security and performance of your cloud. By the end of this book, you will thoroughly be familiar with the different design and architectural patterns available with Windows Azure and capable of choosing the best pattern for your system.
Table of Contents (16 chapters)
Title Page
Packt Upsell

Security infrastructure

While a network security group provides a certain degree of network security on the switching and transport level of the OSI Reference Model, situations may arise in which you want to enable security for the higher levels of the stack.

In these situations, it is advisable to provide appliances provided by Azure partners for the security of virtual networks. These solutions are called Network Virtual Appliances (C).


Let's start with the question: What is an NVA? The answer consists of several parts as follows:

  • An NVA is usually a third-party solution and is distributed over the Azure Marketplace
  • An NVA is offered in the form of a VM
  • An NVA is part of its own VNet subnet and stands apart from the rest of the VNet

Examples of using a NVA are:

  • Firewall
  • Intrusion detection/intrusion prevention
  • Management of security risks
  • Application control
  • Network-based detection of anomalies
  • Web filtering
  • Virus protection
  • Bot protection

One example of using an NVA in a VNet architecture, is to...