Azure_Networking.pdf_portal.azurecom

Azure

需积分: 10 138 浏览量更新于2023-05-29 评论 1 收藏 7.99MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

资源详情

资源评论

资源推荐

ContentsContents
 Overview
 About Azure networking
 Architecture
 Virtual Datacenters
 Asymmetric routing with multiple network paths
 Secure network designs
 Hub
-
spoke topology
 Network security best practices
 Highly available network virtual appliances
 Combine load balancing methods
 Disaster recovery using Azure DNS and Traffic Manager
 Plan and design
 Virtual networks
 Cross
-
premises connectivity 
-
 VPN
 Cross
-
premises connectivity 
-
 dedicated private
 Backend connectivity interoperability
 Preface and Test Setup
 Test Setup Configuration
 Control Plane Analysis
 Data Plane Analysis
 Concepts
 Microsoft global network
 Azure network latency
 Virtual networks
 Network load balancing
 Application load balancing
 DNS
 DNS
-
based traffic distribution
 Connect on
-
premises 
-
 VPN

Azure networking

7/28/2019 • 13 minutes to read • Edit Online

Connectivity services

SERVICE WHY USE? SCENARIOS

Virtual network Enables Azure resources to securely

communicate with each other, the

internet, and on

premises networks.

ExpressRoute Extends your on

premises networks

into the Microsoft cloud over a private

connection facilitated by a connectivity

provider.

VPN Gateway Sends encrypted traffic between an

Azure virtual network and an on

premises location over the public

Internet.

The networking services in Azure provide a variety of networking capabilities that can be used together or

separately. Click any of the following key capabilities to learn more about them:

Connectivity services: Connect Azure resources and on

premises resources using any or a combination of

these networking services in Azure

Virtual Network

(

VNet

)

, Virtual WAN, ExpressRoute, VPN Gateway, Azure

DNS, or Azure Bastion.

Application protection services Protect your applications using any or a combination of these networking

services in Azure

DDoS protection, Firewall, Network Security Groups, Web Application Firewall, or Virtual

Network Endpoints.

Application delivery services Deliver applications in the Azure network using any or a combination of these

networking services in Azure

Content Delivery Network

(

CDN

)

, Azure Front Door Service, Traffic Manager,

Application Gateway, or Load Balancer.

Network monitoring

–

Monitor your network resources using any or a combination of these networking

services in Azure

Network Watcher, ExpressRoute Monitor, Azure Monitor, or VNet Terminal Access Point

(

TAP

)

This section describes services that provide connectivity between Azure resources, connectivity from an on

premises network to Azure resources, and branch to branch connectivity in Azure

Virtual network, ExpressRoute,

VPN Gateway, Virtual WAN, DNS, and Azure Bastion.

Filter network traffic

Route network traffic

Restrict network access to resources

Connect virtual networks

Create and modify an ExpressRoute

circuit

Create and modify peering for an

ExpressRoute circuit

Link a VNet to an ExpressRoute

circuit

Configure and manage route filters

for ExpressRoute circuits

Site

site

connections

VNet

VNet connections

Point

site connections

  
  
Virtual WAN Optimizes and automates branch
connectivity to, and through, Azure.
Azure regions serve as hubs that you
can choose to connect your branches
to.
Azure DNS Hosts DNS domains that provide name
resolution by using Microsoft Azure
infrastructure.
Azure Bastion 
(
Preview
)
Configure secure and seamless
RDP/SSH connectivity to your virtual
machines directly in the Azure portal
over SSL. When you connect via Azure
Bastion, your virtual machines do not
need a public IP address
SERVICE WHY USE? SCENARIOS
Virtual networkVirtual network
ExpressRouteExpressRoute
Site
-
to
-
site connections,
ExpressRoute connections
Host your domain in Azure DNS
Create DNS records for a web app
Create an alias record for Traffic
Manager
Create an alias record for public IP
Address
Create an alias record for zone
resource record
Create an Azure Bastion host
Connect using SSH to a Linux VM
Connect using RDP to a Windows
VM
Azure Virtual Network 
(
VNet
)
 is the fundamental building block for your private network in Azure. You can use a
VNets to:
Communicate between Azure resources: You can deploy VMs, and several other types of Azure resources to
a virtual network, such as Azure App Service Environments, the Azure Kubernetes Service 
(
AKS
)
, and Azure
Virtual Machine Scale Sets. To view a complete list of Azure resources that you can deploy into a virtual
network, see Virtual network service integration.
Communicate between each other: You can connect virtual networks to each other, enabling resources in
either virtual network to communicate with each other, using virtual network peering. The virtual networks you
connect can be in the same, or different, Azure regions. For more information, see Virtual network peering.
Communicate to the internet: All resources in a VNet can communicate outbound to the internet, by default.
You can communicate inbound to a resource by assigning a public IP address or a public Load Balancer. You
can also use Public IP addresses or public Load Balancer to manage your outbound connections.
Communicate with on
-
premises networks: You can connect your on
-
premises computers and networks to a
virtual network using VPN Gateway or ExpressRoute.
For more information, see What is Azure Virtual Network?.
ExpressRoute enables you to extend your on
-
premises networks into the Microsoft cloud over a private connection
facilitated by a connectivity provider. This connection is private. Traffic does not go over the internet. With
ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and
Dynamics 365. For more information, see What is ExpressRoute?.