• Virtual Network (VNet)

    Virtual networks (VNets) are used in Azure to provide private connectivity for Azure Virtual Machines (Azure VMs) and some Azure services. VMs and services that are part of the same virtual network can access one another. By default, services outside the virtual network cannot connect to services within the virtual network. You can, however, configure the network to allow access to the external service.

    Services that talk to each other within a virtual network do not travel through the Azure Load Balancer, which gives you better performance. It’s not significant, but sometimes every little bit counts.

    Here’s an example of how you might want to use that virtual network for connectivity to a private resource. Let’s say you have a front-end web application running in a VM, and that application uses a back-end database running in a different VM. You can put the back-end database in the same virtual network as the web application; the web application will access the database over the virtual network. This allows you to use the back-end database from the web application without the database being accessible on the public Internet.

    A Virtual Network Gateway is a fully managed service in Azure that is used for cross-premises connectivity. You can add a Virtual Network Gateway to a virtual network and use it to connect your on-premises network to Azure, effectively making the virtual network in Azure an extension of your on-premises network. This provides the ability to deploy hybrid cloud applications that securely connect to your on-premises datacenter.

    More complex features available include multisite VPNs, in-region VNet-to-VNet, and cross-region VNet-to-VNet. Most cross-premises connections involve using a VPN device to create a secure connection to your virtual network in Azure. VNet-to-VNet connectivity uses the Azure Virtual Network Gateway to connect two or more virtual networks with IPsec/IKE S2S VPN tunnels. Being able to have cross-premises connectivity gives you flexibility when connecting one or more on-premises sites with your virtual networks. For example, it gives you the ability to have cross-region geo-redundancy, such as SQL Always On across different Azure regions.

    Source of Information : Microsoft Azure Essentials Fundamentals of Azure Second Edition


0 comments:

Leave a Reply