What is a Virtual Network?
If you are a network admin, you probably know what a Virtual Network is. It has the same characteristics as an on-prem network, but it is created in the cloud.
A virtual network is a network created in the cloud via Azure or AWS or any other cloud provider. It creates a logical isolation in the cloud dedicated to the subscription.
What does a Virtual Network do?
When you create a virtual network, it separates the resources from the other VNets. The resources can be your storage or the virtual machines that you have created using that VNet. Your services can communicate directly within the VNet, which makes it very secure, robust and almost impenetrable once you have applied Network Security Policies.
You can divide your network into multiple subnets depending upon the organization's needs, attach NICs, and secure the subnets.
You can assign public and private IP addresses to the VNet. A public IP address is used to communicate inbound and outbound with the Internet. You may choose to assign a public IP to a NIC. Private IPs are used to communicate within the network, be it the VNet or on-prem, or even with the Internet through NAT (Network Address Translation). However, when you create a VM within the VNet, you should assign at least one private IP to the VM. IP addresses can be allocated dynamically or statically; the default allocation is dynamic, in which the IP address is not allocated when it is created. It is allocated when you start the VM or start a stopped VM, and it is released when you stop or delete the VM.
A VNet can be assigned Internet-facing load balancers.
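Dividing a VNet into subnets, as described above, is easier to secure when the plan is checked before anything is deployed. The following is an added example, not part of the original post: it validates a constructed subnet plan against a VNet address space, assuming IPv4, Azure's 5 reserved addresses per subnet and its /29 minimum subnet size. The function name and the sample plan are hypothetical.

```python
import ipaddress

# Azure reserves 5 addresses in every subnet: network address, default
# gateway, two for Azure DNS, and the broadcast address.
AZURE_RESERVED_PER_SUBNET = 5
SMALLEST_PREFIX = 29  # smallest IPv4 subnet Azure accepts

def validate_subnet_plan(vnet_cidr, subnets):
    """Return (usable, problems) for a plan of subnet name -> CIDR string.

    usable maps each accepted subnet to its assignable address count;
    problems lists every subnet that was rejected and why.
    """
    vnet = ipaddress.ip_network(vnet_cidr)
    usable, problems, accepted = {}, [], []
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr)  # strict: host bits must be 0
        except ValueError as exc:
            problems.append(f"{name}: invalid prefix ({exc})")
            continue
        if net.version != vnet.version or not net.subnet_of(vnet):
            problems.append(f"{name}: {net} is outside VNet {vnet}")
            continue
        if net.prefixlen > SMALLEST_PREFIX:
            problems.append(f"{name}: {net} is smaller than /{SMALLEST_PREFIX}")
            continue
        clashes = [other for other, onet in accepted if net.overlaps(onet)]
        if clashes:
            problems.append(f"{name}: {net} overlaps {', '.join(clashes)}")
            continue
        accepted.append((name, net))
        usable[name] = net.num_addresses - AZURE_RESERVED_PER_SUBNET
    return usable, problems

# Constructed sample plan: one tier per subnet, with deliberate mistakes.
VNET = "10.0.0.0/16"
PLAN = {
    "web": "10.0.1.0/24",
    "app": "10.0.2.0/24",
    "db": "10.0.2.128/25",   # overlaps "app"
    "mgmt": "10.1.0.0/24",   # outside the VNet address space
    "tiny": "10.0.3.0/30",   # below the /29 minimum
}

if __name__ == "__main__":
    usable, problems = validate_subnet_plan(VNET, PLAN)
    for name, count in usable.items():
        print(f"OK   {name}: {count} assignable addresses")
    for finding in problems:
        print(f"FAIL {finding}")
```
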
How to create a Virtual Network?
To create a Virtual Network, you need to have an Azure subscription. If you don’t have one, please create one from this link.
The below images will illustrate how you can create a Virtual network.
Understanding DDoS
One thing that is more important in the above image is DDoS protection.
DDoS stands for Distributed Denial of Service; it is a malicious attempt to disrupt the normal traffic to a web property. The most interesting thing about this protection in Azure is that it is a FREE service, and it is a mandatory aspect of creating a virtual network.
When you enable the Service Endpoint, the following services will be exposed to the network.
This is how you will create a virtual network.
You can also change the Resource Group for the virtual network.
Here is how you can view/add the subnets.
Here’s how you can provide access to the user over the Network.
This is the simple way to assign a VNet to a specific user, which you can do via Access Control, with Active Directory.
Happy Learning