Microsoft Azure Networking

Home » Webinars » Cloud Computing and Networking » Microsoft Azure Networking

This webinar will help demystify the networking aspects of Microsoft Azure. We'll start with the high-level concepts, cover security aspects, and conclude with complex routing and hybrid cloud implementations.

Last modified on 2024-01-07 (release notes)


Microsoft Azure Networking

Read This First

New Azure Services and Features 2.3K 2022-11-28

This document describes the updates to webinar materials, and lists the new features of existing Azure services that are not yet covered in the webinar materials. If you're planning a bleeding-edge deployment, you might want to read it first.

1:16:38 Introduction

This section introduces Azure API and CLI, high-level constructs like geographies, regions and availability zones, provides an overview of networking elements and high-availability mechanisms and describes resource manager and resource groups.

Azure Fundamentals 16:33 2020-01-04
Geographies, Regions and Availability Zones 11:32 2020-01-04
High Availability 15:44 2020-01-04
Deployment Models 8:01 2020-01-04

24:48 Hands-on Demos

Create the First VM in a New Region 14:32 2019-08-24
Create Another VM in the Same Subnet 10:16 2019-08-24
Source code for Azure demo scripts

Additional Information

High-level overview of regions, availability zones and SLA targets

1:13:53 Virtual Networks, Subnets, Interfaces and IP Addresses

In this section you'll learn about Azure virtual networks and subnets, VM interfaces, private and public IP addresses, and DNS and DHCP services.

Virtual Networks and Subnets 20:55 2020-01-04
Interfaces 7:26 2020-01-04
IP Addresses, DNS and DHCP 9:20 2020-01-04
Public IP Prefixes 10:49 2022-11-28
Simple Deployment Scenarios 16:00 2020-01-04

9:23 Hands-on Demos

Create a VNet and Two Subnets, and Deploy VMs 9:23 2019-08-24

1:04:08 Azure Network Security Mechanisms

Azure offers numerous network security mechanisms. This section covers intra-VNet mechanisms including:

  • Network Security Groups;
  • Application Security Groups;
  • Packet capture and flow logging;
  • Monitoring tools like IP Flow Verify.

Azure Firewall is described in a separate section.

Azure Network Security Mechanisms 7:47 2020-01-04
Network Security Groups 10:03 2020-01-04
Network Security Group Examples 9:13 2020-01-04
Application Security Groups 7:02 2020-01-04
Network Security Monitoring and Troubleshooting 7:18 2020-01-04

22:45 Hands-on Demos

Network Security Groups 14:29 2019-08-24
Application Security Groups 8:16 2019-08-24

53:20 User-Defined Routes and Subnet Routing Tables

Each subnet in Azure Virtual Network can have a custom route table. This section describes:

  • System (default) routes always present in virtual networks;
  • Route import from BGP sessions between VNG and customer routers;
  • User-defined static routes.

The examples cover a range of scenarios, from simple private subnet with no Internet access to complex service insertion.

Multiple Routing Tables 10:18 2020-01-04
User-Defined Routes 11:42 2022-11-28
UDR Examples 6:38 2020-01-04
Azure Route Server 17:31 2021-03-12

7:11 Hands-on Demos

Custom Route Tables 7:11 2019-08-24

Configuration Examples

Testing Azure Route Server

New Azure Features

Next hop IP support for Route Server

14:01 Internet Connectivity

Internet access is built into Azure VNet service, and a default route is part of the default routing table. This short section explains the remaining NAT intricacies.

Internet Connectivity 14:01 2020-01-04

1:58:33 External Connectivity

Azure Virtual Networks could be connected to global Internet, to other virtual networks, or to remote sites using IPsec tunnels (VPNs) or direct connections (ExpressRoute).

This section describes Azure external connectivity options, and the concept of Virtual Network Gateways used to implement VPN and ExpressRoute connections.

VNet Peering 17:48 2022-11-28
Virtual Network Gateways 10:29 2020-01-04
VPN Connections 13:19 2022-11-28
Complex VPN Scenarios 16:43 2022-11-28
ExpressRoute Connections 12:17 2022-11-28
Advanced ExpressRoute Scenarios 6:15 2020-01-04
Azure Private Link 15:22 2022-11-28

11:34 Hands-on Demos

Virtual Network Peering 11:34 2019-08-24

New Azure Features

Multiple features for Azure VPN Gateway
Azure ExpressRoute Traffic Collector
ExpressRoute IPv6 Support for Global Reach

14:46 From the Design Clinic

Direct or VPN Access to a Public Cloud 14:46 2023-04-04

2:13:00 Azure Virtual WAN

Azure Virtual WAN is Microsoft's attempt at building an SD-WAN service; Virtual Hubs are the transit virtual routers within Virtual WAN.

This section describes the basics of Virtual WAN and Virtual Hubs, dives deep into Virtual Hub routing, including multiple route tables and transit routing. It also explores various connectivity scenarios, from simple any-to-any connectivity to hub-and-spoke connectivity including networking appliances and Azure Virtual Firewall.

Virtual WAN Overview 8:50 2021-05-17
Virtual Hub Overview 17:17 2021-05-17
Virtual Hub Routing 23:31 2021-05-17
Virtual WAN Configuration and Management 13:49 2021-05-17

Configuration Examples

Azure Virtual WAN Scenarios

36:55 Connectivity Scenarios

Simple Connectivity Scenarios 6:28 2021-05-17
Multi-Hub Deployments 9:30 2021-05-17
Shared Services 9:16 2021-05-17
Hub-and-Spoke Scenarios 7:29 2021-05-29
Adding Branches 4:12 2021-05-29

32:38 Secure Virtual Hub

Secure Virtual Hub 17:55 2021-05-29
Network Virtual Appliance Integration 14:43 2021-05-29

2:52:47 Load Balancing in Azure

Azure provides numerous TCP/UDP and HTTP load balancing services, including Azure Load Balancer, Azure Application Gateway, and Azure Front Door. You can also use DNS-based load balancing with Azure Traffic Manager, or HTTP caching with Azure CDN. All these services are described in this section.

Introduction to Load Balacing and Scale-Out Architectures

If you're not familiar with load balancinc concepts, you might want to watch this part of Data Center Infrastructure for Networking Engineers before proceeding into the details of Azure services.

Azure Load Balancing Functionality 24:39 2022-11-28
Zone Awareness in Azure Load Balancing 5:44 2021-03-24

59:37 Azure Load Balancer

Azure Load Balancer is an intra-region transparent TCP/UDP load balancer.

Azure Load Balancer Overview 17:14 2021-03-24
Azure Load Balancer Details 13:55 2021-03-24
NAT Rules 9:39 2021-03-24
Floating IP Addresses 5:17 2021-03-24

This is one of those features that should never be used... but if you have to deal with it, you might find this short video useful.

High-Availability Ports 9:27 2021-03-24

The only sensible use case for high-availability ports is a networking virtual appliance (example: firewall) with numerous TCP/UDP ports. In all other scenarios, please try to find a less complex solution.

Cross-Region Load Balancing 4:05 2021-03-24

35:25 Azure Application Gateway

Azure Application Gateway is an intra-region HTTP(S) reverse proxy (load balancer)

Azure Application Gateway Overview 11:26 2021-03-24
Deploying and Configuring Azure Application Gateway 15:05 2021-03-24
Azure Application Gateway Load Balancing Details 8:54 2021-03-24

27:33 Azure Front Door and CDN

Azure Front Door and Azure CDN are global caching HTTP proxies/load balancers

Azure Front Door 13:28 2021-03-24
Azure Front Door Request Routing 9:47 2021-03-24
Azure CDN 4:18 2021-03-24

19:49 Azure Traffic Manager

Azure Traffic Manager is a global DNS-based load balancer

Azure Traffic Manager Overview 6:38 2021-03-24
Traffic Manager Request Routing 13:11 2021-03-24

New Azure Features

Enhancements to Azure Web Application Firewall

1:07:25 Azure Firewall

Azure Firewall is a scale-out stateful L3-L7 firewall that can be used to filter Internet traffic, inter-VNet traffic, or even traffic between on-premises and Azure hosts.

Azure Firewall Overview 16:10 2023-01-09
Configuring Firewall Policy 10:16 2023-01-09
Deployment Scenarios 8:40 2023-01-09
Hub-and-Spoke Deployments 7:33 2023-01-09
Hybrid Deployments 9:22 2023-01-09
Limitations 15:24 2023-01-09
Slide Deck 3.9M 2022-11-19

1:12:31 Automating Azure Deployments

It's a pleasure to work with Azure API: objects have names, you can refer to them by names, and the API uses create-or-update approach, making automation scripts or playbooks extremely easy to develop or understand.

This section explains the principles of Azure API, and describes how to use bash scripts, Ansible playbooks, Terraform configuration files, and Resource Manager Tempaltes to create, update, or delete networking- and compute infrastructure.

Azure Automation Principles 17:34 2020-05-11
Creating and Updating Azure Objects 15:33 2020-05-11
Dealing with Object Hierarchy 14:19 2020-05-11
Creating Azure Virtual Machines 3:59 2020-05-11
Using Ansible Azure Modules 7:11 2020-05-11
Azure Resource Manager Templates Overview 13:55 2020-05-11

Source Code for Automation Examples

Bash scripts
Ansible playbooks
Resource Manager templates
Terraform configuration files

5:57 Summary

Summary 5:57 2020-01-04

Slide Decks

Azure Networking Deep Dive 5.4M 2022-11-28
Azure External Connectivity 4.0M 2022-11-28
Azure Load Balancing 4.5M 2022-11-28
Azure Virtual WAN 4.1M 2021-04-07
Automating Azure Deployments 11M 2020-02-02
You started this section on %started% Mark completed