Microsoft Azure Security

Virtual Networks


The first thing to ask about VNets is: do we need a VNet? VNet is a service used to build a private network in the Azure cloud in order to do the following:

  • Extend the security boundary of Cloud Services and VMs: Several Cloud Services and VMs can be placed in a single VNet so that they can communicate with each other without their traffic passing over the public Internet

  • Set up a hybrid solution: If we need to connect an existing on-premises infrastructure to Azure, VNet is the starting point

These two reasons (though they are not the only ones) correspond to the two modes in which a VNet can be deployed:

  • Cloud-only VNet: This is the choice to enable the first scenario

  • Cross-premises VNet: This is the choice that offers much more flexibility

From the security perspective, there are two main, connected security points (in addition to what we have already covered):

  • Cross-service communication: Several VMs in different Cloud Services can communicate with each other if they are in the same VNet. This...