Networking is a critical component of any cloud infrastructure. IT teams need to connect resources and optimize application performance — all of which depends on solid network architecture.
Microsoft Azure networking services offer various capabilities to connect and manage cloud resources. Beyond virtual networks and a number of connectivity options, Azure offers tools to monitor and manage traffic, perform load balancing and ensure secure user connections.
Review these key terms to learn more about Microsoft Azure networking services:
Azure Virtual Network (VNet): An Azure VNet is an isolated network within the Azure cloud that enables enterprises to securely connect cloud resources, such as VMs. Enterprises use the service to set up and manage virtual private networks (VPNs) and can create multiple VNets within an Azure subscription or region. Enterprises can choose to connect VNets so that resources within separate VNets can communicate. They can also set up private network connections between on premises and Azure.
Azure Load Balancer: Azure Load Balancer is a Layer 4 load balancer designed to ensure high availability. IT teams can configure the service to perform internet-facing load balancing, which balances incoming traffic from the internet among Azure VMs, as well as internal load balancing, which manages traffic among VMs in a VPN. This Azure networking service automatically reconfigures itself when admins scale an instance and has monitoring features that cease connections to an instance if it’s not performing well.
Azure Application Gateway: Azure Application Gateway is an application delivery controller service that offers Layer 7 load balancing. Its features include HTTP load balancing, URL-based content routing and multisite routing. Enterprises can use diagnostics tools, such as access logs, as well as monitoring features. A web application firewall also protects from web-based attacks, such as cross-site scripting.
Azure VPN Gateway: VPN Gateway is a network gateway service that enables encrypted traffic to travel across multiple types of virtual networks or sites. Available configurations for VPN Gateway connections include Site-to-Site, Multi-Site, Point-to-Site, VNet-to-VNet and Microsoft Azure ExpressRoute.
Azure Domain Name System (DNS): Azure DNS is a service that hosts a DNS domain and allows admins to manage its records. The service hosts domains on Azure DNS name servers, which are located globally. Admins manage DNS records through the Azure Portal, Azure PowerShell and the Azure command-line interface. The service is based on Azure Resource Manager and has similar security features, such as role-based access controls.
Azure Content Delivery Network (CDN): CDN is an Azure networking service that delivers high-bandwidth content through CDN caches. The CDN caches are in edge locations around the world to provide content more quickly and with lower latency to end users. It is commonly used for static content, such as documents and files, but teams can also configure the service for dynamic content, such as a PDF. Azure offers three CDN products: Azure CDN Standard from Akamai, Azure CDN Standard from Verizon and Azure CDN Premium from Verizon.
Azure Traffic Manager: Microsoft Azure Traffic Manager enables admins to distribute user traffic for Azure VMs, cloud services and web applications to boost availability and prevent downtime. It uses DNS to route user traffic to the most optimal endpoint. The service also includes continuous endpoint monitoring and automatic failover.
Azure ExpressRoute: ExpressRoute is an Azure networking service that privately connects an enterprise’s on-premises infrastructure to the Microsoft public cloud via a third-party connectivity provider. Because the connection is private, it offers lower latency and greater reliability than the public internet. Azure ExpressRoute connectivity providers include Comcast, AT&T and Equinix.
Azure Network Watcher: Network Watcher is a regional service that enables IT teams to monitor their Azure networking services. While Azure provides monitoring capabilities for each of its individual network resources or services, Network Watcher is designed to provide a more holistic view of the network and how those resources interact. Enterprises can view the interconnections between resources, as well as their usage.