AZURE: Virtual Network
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
https://www.youtube.com/watch?v=ADdGZEfmNzQ
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How to create a Virtual Network? Azure Portal .com
Create a Resource
The virtual machine name must be unique to the Azure subscription.
By default Microsoft is offering to me
This is called CIDR notation. CIDR notation uses a / with a number to represent a range of IP addresses. Here Microsoft shows you that the IP addresses go from 10.0.0.0 to 10.0.255.255.
This encompasses 65536 IP addresses, and the chances are excellent that you are never going to use all of them on a single VNet. This might be a little excessive: if you are planning to grow your Azure account by creating loads of different resources for loads of different projects, you might want to think about protecting your private addresses.
/16 is a little excessive. If I change this to /24
You have 256 addresses
It is not actually 256 addresses, because Microsoft reserves 5 IP addresses for itself, so it is 256 - 5 = 251 addresses.
A Resource Group is a logical grouping of related resources. It is used for management, security and billing.
Microsoft has around 50 regions around the world
Subnets are a way to split your network into one or more networks. The default subnet is called default, but you can call it any name you want.
This could be my frontend subnet, and in this subnet I will place all my web servers and public-facing services. You have to specify an address space which is a subset of your total address range.
This frontend subnet is going to take half of the total address range.
Microsoft is also now offering something called DDoS protection, which protects your network from attacks.
Standard DDoS protection gives you more options in terms of traffic monitoring, and there is a machine learning algorithm looking at the traffic. It is going to apply policies to all of the public addresses that are associated with your resources.
Service endpoints are also a cool new feature that allows this VNet to be opened directly to other Azure services. This lets you establish a private network with other Microsoft services such as Storage, SQL Database, Cosmos DB or the data warehouse.
And a virtual network has been created.
There are no nodes or any devices in this network. It is a completely untouched network, but it is available to me. If I go into the Subnet
I can see the frontend subnet that we created, which would otherwise be called default. I am going to create a second subnet and we are going to call it Backends, and this is where you are going to put your application servers.
So I am creating a second subnet and I still have unused IP addresses in my virtual network.
Now you might see this "Gateway subnet" tab at the top
Gateway: a VNet uses a gateway to connect your own network, whether that is your corporation's network or your home network, into Microsoft Azure. But the gateway needs its own subnet. So if I were to add a virtual private network to my VNet, I would have to start by adding a gateway subnet.
And this will add a gateway subnet. It will add another Gateway subnet to our Gateway subnet and that we can have our
So let's go into the frontend subnet
One of the options says network security group
There are no Network Security Groups defined in East US too.
We will go to the and create Network Security Group.
Let's create a Network Security Group
Let's create a Network Security Group in East US
While I am here I am also going to create a Backend security group.
NSG: Network Security Groups are really the firewall settings for the networks.
We are going to go into the resource group now. We will go into the new resource group; here, beside our virtual network, it also has the Frontend NSG.
Besides our private network we have a frontend network security group that has been created as well.
Now Network Security Groups are firewalls and they have inbound and outbound rules.
Rules are processed in priority order, from the lowest priority number to the highest.
It does come with a number of preset rules. I am going to switch over to the "Inbound Security Rules"
So there are three rules that come built into it. The first rule basically allows any traffic that comes from any other virtual network to our virtual network.
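The priority ordering and the three built-in inbound rules described above, as an added example (not code from the video or from Microsoft). The addresses, the backend range and the two custom frontend rules are constructed for illustration, and the VirtualNetwork tag is simplified to the VNet's own address space. It shows that the built-in rules let the backend reach the frontend on any port until a custom rule with a lower number denies it.

```python
import ipaddress
from collections import namedtuple

# Constructed values: a /24 VNet, frontend taking half of it, a smaller backend.
VNET = ipaddress.ip_network("10.0.0.0/24")
BACKEND = "10.0.0.128/26"

# priority: lower number is evaluated first; source: CIDR, service tag or "*".
Rule = namedtuple("Rule", "name priority source port action")

# The three default inbound rules present in every new NSG.
DEFAULT_INBOUND = [
    Rule("AllowVnetInBound", 65000, "VirtualNetwork", "*", "Allow"),
    Rule("AllowAzureLoadBalancerInBound", 65001, "AzureLoadBalancer", "*", "Allow"),
    Rule("DenyAllInBound", 65500, "*", "*", "Deny"),
]

# Hypothetical custom rules for the frontend NSG (names and priorities assumed).
FRONTEND_RULES = [
    Rule("AllowHttpsInBound", 100, "*", "443", "Allow"),
    Rule("DenyBackendSsh", 200, BACKEND, "22", "Deny"),
]

def source_matches(rule_source, src_ip):
    ip = ipaddress.ip_address(src_ip)
    if rule_source == "*":
        return True
    if rule_source == "VirtualNetwork":
        # Simplification: the tag is modelled as this VNet's address space only.
        return ip in VNET
    if rule_source == "AzureLoadBalancer":
        return src_ip == "168.63.129.16"  # Azure health-probe source address
    return ip in ipaddress.ip_network(rule_source)

def evaluate(custom_rules, src_ip, dst_port):
    """Return (action, rule name) for the first matching rule in priority order."""
    for rule in sorted(custom_rules + DEFAULT_INBOUND, key=lambda r: r.priority):
        if source_matches(rule.source, src_ip) and rule.port in ("*", str(dst_port)):
            return rule.action, rule.name
    return "Deny", "no-match"

if __name__ == "__main__":
    for src, port in [("203.0.113.7", 443), ("10.0.0.130", 22), ("10.0.0.130", 8080)]:
        print(src, port, evaluate(FRONTEND_RULES, src, port))
```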