Azure Networking Concepts
Microsoft Global Network
The Microsoft Global Network has datacenters in more than 50 locations worldwide and serves customers in more than 140 countries.
Microsoft provides a highly available technology platform that scales across multiple locations worldwide. This global infrastructure carries traffic within and between Regions, Availability Zones, Edge locations and customer cross-connect locations.
The Microsoft global infrastructure is divided into Regions and Availability Zones.
A region is a set of datacenters in a distinct geographical area in which Microsoft operates its cloud services (such as Virtual Machines, databases, storage, networking and security services, and many more) as a whole.
Regions are independent of each other in terms of:
- Fault Isolation
- Fault tolerance
- Availability & Stability
These regions are interconnected by the Microsoft global wide area network (WAN). Microsoft, being a software company, runs a cloud-optimized software-based WAN architecture called Software-driven WAN (SWAN). SWAN optimizes the utilization of inter-datacenter network capacity by redirecting traffic from one network segment to another segment that has spare bandwidth.
Multiple regions are contained within a geography, and many regions contain two or more Availability Zones. The table below identifies four geographies that have at least two regions within them. The list is not complete, but it serves as a reference to understand that when data is replicated for redundancy from a specific region, it stays within the same geography, which addresses most data residency and redundancy concerns.
Some Azure products replicate data from a region to another region outside the geography, for example LUIS, Azure Machine Learning, or any product still in preview.
In the table above, see the Sovereign and Available To columns. A sovereign region is not connected to the global Microsoft Azure network, and no data is moved out of that region to another. Because of government security requirements, the United States, Germany and China are the only countries with a sovereign Azure cloud implementation. The Available To column reflects the fact that the portal knows your business location, which you provided when creating the subscription. If your business location is not, for example, Germany or Australia, those regions will not appear as selectable options when you create Azure resources.
Each region has multiple, isolated locations called Availability Zones, each consisting of one or more datacenters. Availability Zones are isolated from each other and connected by low-latency, high-bandwidth fiber links. Each zone has independent power, cooling and networking, so a failure in one zone does not take down the others, and each is connected through multiple redundant tier-1 service providers.
By placing resources in separate Availability Zones, customers can protect a website or application from service disruption caused by the loss of a single zone.
The figure below describes the Azure geography for a given region and its Availability Zones.
Not all regions offer Availability Zones, and the regions that do offer them do not support every Azure product and feature in zones. Therefore you must know whether a workload being moved to Azure needs Availability Zones before choosing its region.
Below is a summary of regions with Availability Zone support and the products supported within them.
Azure provides a variety of networking services that can be used individually or in combination. Below are the categories into which the Azure networking services are divided.
Connectivity services: these connect Azure resources to each other and to on-premises networks. Examples: Azure VNet, Virtual WAN, ExpressRoute, VPN Gateway, NAT Gateway, Azure DNS, VNet Peering, Azure Bastion.
Application protection services: these protect the applications hosted in Azure. Examples: Azure Load Balancer, Private Link, DDoS Protection, Azure Firewall, Network Security Groups, Web Application Firewall (WAF), virtual network service endpoints.
Application delivery services: these deliver applications closer to users and clients. Examples: Content Delivery Network, Azure Front Door, Traffic Manager, Application Gateway, Internet Analyzer, Load Balancer.
Network monitoring: monitor your Azure network and Azure resources using Network Watcher, ExpressRoute Monitor and Azure Monitor.
Let's talk about connectivity services:
Connectivity services include: Azure VNet, Virtual WAN, ExpressRoute, VPN Gateway, NAT Gateway, Azure DNS, VNet Peering, Azure Bastion.
Azure Virtual Network
An Azure Virtual Network (VNet) is a logically isolated private network inside the Microsoft network. You define its address space as one or more CIDR prefixes and divide it into one or more subnets, into which Azure resources are deployed. Traffic between subnets of the same VNet is allowed by default, so Network Security Groups are used to restrict it.
All Azure resources reside within the Microsoft Azure network, but not every Azure resource exists inside an Azure Virtual Network (VNet).
Example: services such as Azure SQL Database, Azure Storage, container services and Azure App Service run within the Microsoft network but not, by default, inside a customer's VNet; they are reached over public endpoints unless access is restricted with virtual network service endpoints or Private Link.
The table below lists, for reference, the resources that require a VNet.
The following considerations need to be taken into account:
- A VNet and the resources deployed into it must exist in the same region.
- Resources added to a VNet must also exist in the same subscription as the VNet.
- VNets in different regions or different subscriptions can be connected to each other by VNet peering or by VPN gateways (VNet-to-VNet connections); in both cases their address spaces must not overlap.
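The address-space and peering rules above are easy to get wrong on paper and expensive to fix after deployment, because a VNet's address space cannot be shrunk once resources use it and two VNets with overlapping prefixes cannot be peered. The following Python script is an added example, not code from the original page or from Microsoft: it validates a hub-and-spoke VNet plan offline using only the standard library. It assumes two Azure facts that hold today: Azure reserves five addresses in every subnet (network address, default gateway, two for Azure DNS, broadcast), and the smallest subnet Azure accepts is a /29. The subnet names GatewaySubnet, AzureFirewallSubnet and AzureBastionSubnet are the fixed names Azure requires for VPN Gateway, Azure Firewall and Azure Bastion; the address ranges themselves are constructed sample input.

```python
import ipaddress

# Azure reserves the first four and the last address of every subnet
# (network, default gateway, two for Azure DNS, broadcast).
AZURE_RESERVED_PER_SUBNET = 5
# Smallest subnet Azure accepts is /29 (3 usable addresses after reservations).
AZURE_MIN_PREFIX = 29


def usable_hosts(subnet: str) -> int:
    """Addresses left for resources in a subnet after Azure's reservations."""
    net = ipaddress.ip_network(subnet, strict=True)
    return max(net.num_addresses - AZURE_RESERVED_PER_SUBNET, 0)


def validate_vnet(address_space: list, subnets: dict) -> list:
    """Return a list of problems with a VNet plan (an empty list means OK).

    address_space: list of CIDR prefixes that make up the VNet.
    subnets: mapping of subnet name -> CIDR prefix.
    Checks that every subnet fits inside one of the VNet's prefixes, that no
    two subnets overlap, and that each subnet is at least a /29.
    """
    problems = []
    prefixes = [ipaddress.ip_network(p, strict=True) for p in address_space]
    nets = {}
    for name, cidr in subnets.items():
        net = ipaddress.ip_network(cidr, strict=True)
        if net.prefixlen > AZURE_MIN_PREFIX:
            problems.append(f"{name}: {cidr} is smaller than the Azure minimum /29")
        if not any(net.subnet_of(p) for p in prefixes):
            problems.append(f"{name}: {cidr} is outside the VNet address space")
        nets[name] = net
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")
    return problems


def can_peer(space_a: list, space_b: list) -> bool:
    """VNet peering (and VNet-to-VNet VPN) requires non-overlapping spaces."""
    a = [ipaddress.ip_network(p, strict=True) for p in space_a]
    b = [ipaddress.ip_network(p, strict=True) for p in space_b]
    return not any(x.overlaps(y) for x in a for y in b)


# Constructed sample plan: a hub VNet holding the shared gateway, firewall and
# Bastion subnets, and two spokes, one of which reuses the hub's address space.
HUB_SPACE = ["10.0.0.0/16"]
HUB_SUBNETS = {
    "GatewaySubnet": "10.0.255.0/27",       # VPN Gateway / ExpressRoute gateway
    "AzureFirewallSubnet": "10.0.1.0/26",   # Azure Firewall needs at least /26
    "AzureBastionSubnet": "10.0.2.0/26",    # Azure Bastion needs at least /26
}
GOOD_SPOKE_SPACE = ["10.1.0.0/16"]
BAD_SPOKE_SPACE = ["10.0.0.0/16"]           # overlaps the hub: cannot be peered

if __name__ == "__main__":
    print("hub problems:", validate_vnet(HUB_SPACE, HUB_SUBNETS) or "none")
    for name, cidr in HUB_SUBNETS.items():
        print(f"  {name}: {usable_hosts(cidr)} usable addresses")
    print("hub <-> good spoke peerable:", can_peer(HUB_SPACE, GOOD_SPOKE_SPACE))
    print("hub <-> bad spoke peerable:", can_peer(HUB_SPACE, BAD_SPOKE_SPACE))
```

Run the plan through validate_vnet before creating anything in the portal or with the CLI; the same checks apply when a second subscription's VNet is to be peered, since the subscription boundary does not relax the no-overlap rule.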