Summary of "AZ-900 Episode 10 | Networking Services | Virtual Network, VPN Gateway, CDN, Load Balancer, App GW"
Summary of AZ-900 Episode 10: Azure Networking Services
This episode provides a foundational overview of key Azure networking services essential for connecting, securing, and managing cloud and hybrid network environments. The main services covered include:
Azure Virtual Network (VNet)
- Emulates physical network infrastructure in the cloud.
- Enables creation, management, monitoring, and securing of connectivity between Azure resources and on-premises environments.
- Supports segmentation via subnets for efficient IP address allocation and applying security rules.
- VNets are region-specific; multi-region applications require multiple VNets.
- VNets can be connected using VNet Peering (for low latency, high bandwidth) or VPN Gateway (encrypted connections over the internet).
- Network Security Groups (NSGs) can be applied to subnets to control traffic flow.
VPN Gateway
- Connects Azure VNets to on-premises networks securely over the public internet.
- Can also connect VNets across regions, although this is less common.
- Provides encrypted communication channels.
- Choice between VPN Gateway and VNet Peering depends on specific use cases.
Azure Load Balancer
- Distributes network traffic evenly across multiple resources (e.g., VMs).
- Supports both inbound and outbound traffic, TCP and UDP protocols.
- Enhances scalability by allowing horizontal scaling (adding more instances).
- Improves availability by routing traffic away from unhealthy instances.
- Can be public (with public IP) or internal (private IP) to manage external and internal traffic respectively.
- Guarantees a higher SLA when combined with availability zones.
Azure Application Gateway
- Specialized load balancer for web traffic (HTTP/HTTPS).
- Provides advanced web traffic management features such as:
  - Web Application Firewall (WAF) for security.
  - URL-based routing.
  - SSL termination to offload decryption from backend servers.
  - Session affinity to keep user sessions on the same server.
- Suitable for multi-tier web applications, where it can replace a public load balancer.
Azure Content Delivery Network (CDN)
- Distributes static web content (images, scripts, stylesheets) globally via multiple Points of Presence (PoPs).
- Reduces latency by serving content from locations closest to the user.
- Offloads traffic from origin servers, improving scalability and user experience.
- Has over 120 PoPs worldwide, often closer than Azure regions.
Additional Highlights
- Demonstration of creating a virtual network in Azure Portal.
- Use of the Azure portal’s network diagram feature to visualize network architecture.
- Explanation of how VNets and subnets work with network interfaces, public IPs, and NSGs.
- Emphasis on the differences and appropriate use cases for VNet Peering vs. VPN Gateway.
- Clarification that services like Azure App Services can also be used behind load balancers or application gateways, not just VMs.
Summary Recap
- Virtual Networks: Cloud-based network segmentation and management.
- VPN Gateway: Secure connectivity between on-premises and cloud.
- Load Balancer: Even traffic distribution for non-web workloads.
- Application Gateway: Web traffic load balancing with advanced features.
- CDN: Global content distribution for static web assets to reduce latency.
Resources & Next Steps
- Additional study materials such as cheat sheets and practice tests are available on the speaker’s website.
- Encouragement to subscribe and continue following the AZ-900 fundamentals series.
Main Speaker
- Adam (host and instructor of the Azure Fundamentals course)