Azure Networking Reference
This section provides comprehensive documentation for Azure networking services, enabling you to design, build, and manage secure, scalable, and high-performance network infrastructures in the cloud.
Virtual Networks (VNet)
Azure Virtual Network (VNet) is the foundational building block for your private network in Azure. VNets allow you to provision and manage a virtual network in Azure. It is a logically isolated network dedicated to your subscription. You can create subnets, control IP addressing, and define routing rules.
az network vnet create --name MyVNet --resource-group MyResourceGroup --address-prefix 10.0.0.0/16
Load Balancing
Azure Load Balancer is a Layer 4 (TCP, UDP) load balancer that enables you to distribute traffic across multiple virtual machines or services. It provides high availability and fault tolerance.
az network lb create --name MyLoadBalancer --resource-group MyResourceGroup --frontend-ip-name MyFrontend --backend-pool-name MyBackendPool
VPN Gateway
Azure VPN Gateway allows you to send encrypted traffic between your on-premises networks and Azure securely over the public internet. It supports site-to-site (S2S) VPN, point-to-site (P2S) VPN, and VNet-to-VNet connections.
az network vpn-gateway create --name MyVpnGateway --resource-group MyResourceGroup --public-ip-address MyVpnGatewayIP --sku VpnGw1
ExpressRoute
Azure ExpressRoute allows you to create private connections between Azure data centers and infrastructure that is either on-premises or in a colocation environment. ExpressRoute connections do not go over the public Internet.
| Feature | Description | Learn More |
|---|---|---|
| Bandwidth Options | Various bandwidths available from 50 Mbps to 10 Gbps. | Details |
| Provider Types | Throughput, Colocation, or Any-to-Any partners. | Providers |
| Routing | Supports BGP for dynamic routing. | BGP |
Application Gateway
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It provides Layer 7 load balancing, SSL termination, cookie-based session affinity, and Web Application Firewall (WAF).
az network application-gateway create --name MyAppGateway --resource-group MyResourceGroup --sku WAF_v2 --public-ip-address MyAppGatewayIP
Azure Firewall
Azure Firewall is a cloud-native and intelligent network security service that protects your virtual network resources. It's a managed, cloud-based network security service that protects your Azure Virtual Network resources.
az network firewall create --name MyAzureFirewall --resource-group MyResourceGroup --location westus2 --sku Standard
Network Security Groups (NSG)
Network Security Groups (NSGs) contain a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks. NSGs can be associated with subnets and/or individual network interfaces (NICs).
az network nsg rule create --resource-group MyResourceGroup --nsg-name MyNsg --name AllowHttp --priority 100 --destination-port-range 80 --protocol Tcp --access Allow --source-address-prefix '*'
Azure DNS
Azure DNS provides a reliable and secure DNS hosting service for your Azure and non-Azure domains. Manage your DNS records using the same credentials, APIs, tools, and billing as your other Azure services.
Traffic Manager
Azure Traffic Manager is a DNS-based traffic load balancer that allows you to distribute traffic to your service endpoints in various global Azure regions, or even to on-premises endpoints.
Azure Front Door
Azure Front Door is a modern cloud Content Delivery Network (CDN) that provides fast, secure, and widely scalable web application delivery. It offers features like SSL offloading, path-based routing, and protection against common web threats.
Virtual WAN
Azure Virtual WAN is a networking service that brings together many networking, security, and routing functionalities to provide a single operational interface. It offers a hub-and-spoke architecture for simplified connectivity.