Azure Virtual WAN is a Microsoft-managed network service deployed to Azure. It provides a lot of functionality, including: It is intended to simplify the configuration of VPN/ExpressRoute/SD-WAN connectivity and provide easy-to-deploy hub and spoke topologies with no complex routing tables or VNet peering config. At the time of writing, it also supports Azure Firewall or…
Category: Network
Connecting Hub and Spoke Topologies in Azure
In a previous post here I detailed how to deploy a single-region hub and spoke network topology in Azure. However, most deployments in Azure have a requirement for high availability, meaning multiple hub and spoke topologies in different Azure regions. Deploying and connecting the two hub and spoke topologies is a complicated process so I…
Network Security Group Best Practices
Time and time again I’ve seen Network Security Groups configured incorrectly, misunderstood or sometimes completely omitted! The intention of this post is to clear up some of the confusion and to define some network security group best practices. What are Network Security Groups (NSGs)? NSGs are a method in Azure networking to filter network traffic….
Deploying a Hub & Spoke Network Architecture in Azure
Hub and spoke network architectures are an increasingly adopted topology in Azure, and I tend to recommend to customers who are new to Azure, are above a certain size (medium – enterprise) and require hybrid connectivity to on-premises or other clouds. Advantages: Cost effective for hybrid connectivity, being able to connect multiple VNets using one…