See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/370924202

Introduction Of Microsoft Azure Networking, High-Level Architecture, and

Implementation Process

Article · May 2023

CITATIONS READS

0 1,066

1 author:

Sardar Mudassar Ali Khan

National University of Computer and Emerging Sciences
158 PUBLICATIONS 21 CITATIONS

SEE PROFILE

All content following this page was uploaded by Sardar Mudassar Ali Khan on 20 May 2023.

The user has requested enhancement of the downloaded file.

 Introduction Of Microsoft Azure
Networking, High-Level Architecture,
and Implementation Process
Published By Developer Community

Link: https://dev.to/sardarmudassaralikhan/introduction-of-microsoft-azure-networking-high-
level-architecture-and-implementation-process-2ne3

Contents
Here is a high-level overview of the Azure Networking architecture: ................................................... 3
Virtual Networks (VNets): .................................................................................................................. 3
Subnets: ............................................................................................................................................. 3
Virtual Network Peering:.................................................................................................................... 3
Azure VPN Gateway: .......................................................................................................................... 3
Express Route:.................................................................................................................................... 3
Load Balancer: .................................................................................................................................... 3
Application Gateway: ......................................................................................................................... 3
Traffic Manager: ................................................................................................................................. 3
Azure Firewall:.................................................................................................................................... 3
Network Watcher:.............................................................................................................................. 4
Advantages of Azure Networking: ......................................................................................................... 4
Scalability: .......................................................................................................................................... 4
High availability: ................................................................................................................................. 4
Security: ............................................................................................................................................. 4
Hybrid connectivity: ........................................................................................................................... 4
Cost-effectiveness: ............................................................................................................................. 4
Disadvantages of Azure Networking: ..................................................................................................... 4
Complexity: ........................................................................................................................................ 4
Latency: .............................................................................................................................................. 4
Cost: ................................................................................................................................................... 5
Limited support: ................................................................................................................................. 5
Vendor lock-in: ................................................................................................................................... 5
Implementing Azure Networking involves several steps, including: ..................................................... 5
Creating a virtual network: ................................................................................................................ 5
Creating subnets: ............................................................................................................................... 5
 Configuring network security groups:................................................................................................ 5
Configuring virtual network peering: ................................................................................................. 5
Creating VPN Gateway or ExpressRoute:........................................................................................... 5
Creating a load balancer: ................................................................................................................... 5
Creating an application gateway:....................................................................................................... 5
Configuring Traffic Manager: ............................................................................................................. 6
Implementing Azure Firewall: ............................................................................................................ 6
Monitoring network performance: .................................................................................................... 6
Conclusion .............................................................................................................................................. 6
To facilitate safe and dependable communication between Azure resources, on-premises networks,
and the Internet, Microsoft Azure offers a suite of cloud-based services known as Azure Networking.
The Azure Networking architecture consists of several features and services, each of which has a
specific function in assuring the efficient operation of cloud-based applications and services.

Here is a high-level overview of the Azure Networking architecture:

Virtual Networks (VNets):
Subnets:
A subnet is a VNet's smaller IP address range. Resources inside a VNet are organized and segmented
using subnets, and network traffic flow between resources is controlled. Network security and routing
policies can be enforced on subnets by configuring network security groups (NSGs) and route tables.

Virtual Network Peering:

Two VNets can be joined to one another through virtual network peering. Once two VNets have been
peering, they are able to communicate with one another as if they were a single network. As a result,
resources from various VNets can interact without any issues.

Azure VPN Gateway:

The Azure VPN Gateway is a service that enables you to establish a secure VPN connection between
your on-premises network and an Azure VNet. By doing so, you may securely access Azure resources
from your on-premises network and expand your on-premises network into the Azure cloud.

Express Route:
Between your on-premises infrastructure and Azure datacentres, ExpressRoute offers a dedicated,
private link. In situations where you must transport significant volumes of data between your on-
premises infrastructure and Azure, this offers a more dependable and swifter connection than a
VPN.

Load Balancer:
A service called the Azure Load Balancer divides incoming network traffic among various backend
resources, including virtual machines or virtual machine scale sets. By making sure that incoming
traffic is spread equally among backend resources, load balancing raises the availability and scalability
of applications.

Application Gateway:
The Azure Application Gateway is a service that offers web application firewall (WAF), SSL termination,
and application-level load balancing features. You can do this to enhance the speed, scalability, and
security of your web applications.

Traffic Manager:
You can split up incoming network traffic among various Azure regions or endpoints using the DNS-
based traffic load balancer known as Traffic Manager. Sending users to the closest or most accessible
endpoint enhances the availability and performance of the application.

Azure Firewall:
Your Azure resources are protected and filtered at the network level by the Azure Firewall service.
You can develop and enforce inbound and outbound traffic controls based on source and destination
IP addresses, ports, and protocols using Azure Firewall.
Network Watcher:
A monitoring and troubleshooting service called Network Watcher gives you network-level visibility
into your Azure resources. With the help of Network Watcher, you can record network activity,
identify connectivity problems, and keep an eye on network efficiency.

In general, the Azure Networking architecture offers a full range of tools and services for developing
and administering safe, scalable, and highly available cloud-based services and applications.

Advantages of Azure Networking:

Scalability:
As your company's demands expand, Azure Networking enables you to increase your network
infrastructure swiftly and inexpensively. You can build, manage, and scale up or down many networks
across various regions and locations using Azure's virtual networks.

High availability:
Your services and applications are always accessible thanks to the infrastructure that Azure
Networking offers thanks to its high availability and resilience. Incoming traffic is split among various
backend resources by the Azure Load Balancer and Traffic Manager to increase application availability
and performance.

Security:
Virtual network isolation, network security groups, and Azure Firewall are just a few of the robust
security capabilities offered by Azure Networking to safeguard your resources from both internal and
external threats. The security tools offered by Azure are created to adhere to the most stringent
compliance regulations, including PCI DSS, HIPAA, and ISO.

Hybrid connectivity:
You can use VPN Gateway and ExpressRoute to link your on-premises infrastructure to the cloud
using Azure Networking. You can do this to expand your on-premises network into the cloud and use
your on-premises network to safely access Azure resources.

Cost-effectiveness:
Building and monitoring your network infrastructure can be done affordably using Azure Networking.
You may scale your network infrastructure up or down as necessary with Azure's pay-as-you-go pricing
model because you only pay for the resources you actually use.

Disadvantages of Azure Networking:

Complexity:
Setting up and managing Azure Networking can be challenging, especially if you are unfamiliar with
the system. In order to configure and operate virtual networks, subnets, security groups, and other
network-related services, a certain level of competence and understanding is needed.

Latency:
When employing VPN Gateway, the network delay between Azure resources and on-premises
architecture can be greater than anticipated. The user experience and performance of the
application may be impacted.
Cost:
Despite being affordable for small to medium-sized deployments, Azure Networking can be pricey for
large-scale deployments. When sending massive volumes of data, VPN Gateway and ExpressRoute can
be quite expensive.

Limited support:
Your ability to install apps and services may be constrained by Azure Networking's restricted support
for some network protocols and services.

Vendor lock-in:
You are bound to the Azure platform using Azure Networking, a proprietary solution. Your ability to
switch to on-premises infrastructure or to other cloud platforms may be hampered as a result.

Implementing Azure Networking involves several steps, including:

Creating a virtual network:
In order to give your resources a logical network border, you first create a virtual network in Azure.
Your virtual network's IP address range, subnets, and other network characteristics can be specified.

Creating subnets:
You can create subnets inside a virtual network after you've established one. Using subnets, you may
divide up your network resources and manage traffic flow across them.

Configuring network security groups:

To manage the flow of traffic to and from your resources, you can configure network security groups
(NSGs). The use of NSGs enables the definition of security policies based on IP addresses, port
numbers, and protocols.

Configuring virtual network peering:

For resources in various networks to communicate with one another, you can establish a peering
connection between two virtual networks. Peering links may be created across regional boundaries or
inside a single region.

Creating VPN Gateway or ExpressRoute:

To link your on-premises network to your Azure virtual network, you may set up either an
ExpressRoute circuit or a VPN Gateway. By doing so, you can safely use Azure services and expand
your on-premises network into the cloud.

Creating a load balancer:

To distribute traffic among various backend resources, including virtual machines or virtual machine
scale sets, you can build a load balancer. By ensuring that traffic is spread equally among backend
resources, load balancers increase the availability and performance of applications.

Creating an application gateway:

You can build an application gateway to give your online apps access to web application firewall
(WAF), SSL termination, and application-level load balancing.
 Configuring Traffic Manager:
To spread traffic among various Azure regions or endpoints, you can configure Traffic Manager. By
guiding users to the closest or most accessible endpoint, Traffic Manager enhances the availability
and performance of applications.

Implementing Azure Firewall:

To offer network-level security and filtering for your Azure resources, you can deploy Azure Firewall.
You can develop and enforce inbound and outbound traffic controls based on source and destination
IP addresses, ports, and protocols using Azure Firewall.

Monitoring network performance:

Azure Network Watcher can be used to track down network connectivity issues and analyze network
performance. To assist you in troubleshooting network problems, Network Watcher offers features
including packet capture, flow logs, and connectivity tests.

Conclusion
To make sure that your network architecture is scalable, secure, and highly available, installing Azure
Networking requires a combination of planning, configuration, and monitoring. Before beginning an
installation, it's critical to have a firm grasp of networking fundamentals and Azure Networking
services.

View publication stats