Azure Virtual Networks

Azure Virtual Network (VNet) is the fundamental building block for your private cloud on Azure. VNet enables many types of Azure resources, such as Azure Virtual Machines (VMs), to securely communicate with each other, with users on-premises, and with the internet. VNet is a logical isolation of the Azure cloud dedicated to your subscription.

What are Virtual Networks?

Learn about the core concepts, benefits, and architecture of Azure Virtual Networks.

Read more →

Key Features

Discover the features like IP addressing, subnets, routing, and network security groups.

Explore features →

Getting Started

Quick start guides and tutorials to create and configure your first virtual network.

Start now →

Networking Scenarios

Understand common use cases such as hybrid connectivity, multi-tier applications, and secure internet access.

View scenarios →

Core Concepts

An Azure Virtual Network is a representation of your own network in the cloud. It's a logical isolation of the Azure cloud that is private to your subscription. You can then use VNet to:

  • Provision and manage virtual machines.
  • Connect to on-premises networks.
  • Segment networks into subnets for better control and security.
  • Implement network security and routing.

The primary components of a VNet include:

  • IP Address Spaces: Define the range of private IP addresses for your VNet.
  • Subnets: Divide the IP address space into smaller segments for organizing resources and applying security policies.
  • Route Tables: Control traffic flow between subnets, the internet, and on-premises networks.
  • Network Security Groups (NSGs): Filter network traffic to and from Azure resources in an Azure virtual network.

Key Features and Capabilities

Azure Virtual Networks offer a robust set of features to manage your cloud network:

  • Hybrid Connectivity: Seamlessly connect your on-premises data centers to Azure VNets using VPN Gateway or ExpressRoute.
  • Network Segmentation: Utilize subnets to isolate different tiers of your application or different teams' resources.
  • Network Security: Implement security at the subnet and network interface level with Network Security Groups (NSGs) and Azure Firewall.
  • Private IP Addressing: Assign private IP addresses from your defined address spaces to resources within the VNet.
  • DNS Resolution: Integrate with Azure DNS or use your own DNS servers for name resolution.
  • Load Balancing: Distribute incoming traffic across multiple virtual machines using Azure Load Balancer or Application Gateway.

Getting Started with Azure Virtual Networks

Follow these steps to begin working with Azure Virtual Networks:

  1. Create a Virtual Network: Use the Azure portal, Azure CLI, or Azure PowerShell to define your VNet and its address space.
  2. Create Subnets: Divide your VNet into one or more subnets, each with its own IP address range.
  3. Deploy Resources: Deploy virtual machines or other compatible Azure services into your subnets.
  4. Configure Security: Apply Network Security Groups (NSGs) to control inbound and outbound traffic.
  5. Connect to On-Premises: Set up a VPN connection or ExpressRoute for hybrid scenarios.

Example: Creating a VNet with Azure CLI


az network vnet create \
  --resource-group myResourceGroup \
  --name myVNet \
  --address-prefix 10.0.0.0/16 \
  --subnet-name mySubnet \
  --subnet-prefix 10.0.0.0/24

Common Networking Scenarios

Azure Virtual Networks are the foundation for many cloud deployment patterns:

  • Web Application Deployment: Deploy web servers in one subnet and application servers in another, connected via a load balancer.
  • Hybrid Cloud: Connect your on-premises network to an Azure VNet to extend your data center into the cloud.
  • Microservices Architecture: Isolate different microservices into dedicated VNets or subnets for enhanced security and management.
  • Disaster Recovery: Utilize VNets and VPNs to establish failover capabilities to Azure.

Related Topics