Explore azure virtual networks (vnet) as private networks that attach resources, allocate private ip ranges, enable internet and on-premises connectivity, and support subnets, peering, and private endpoints.

Create a virtual network in the Azure portal by selecting a resource group and region, defining an address space and multiple subnets, and optionally configuring security and validation.

Explore Azure virtual network features and configurations, including address space, subnets, access control, peering, bastion, DDoS protection, firewall, DNS, private endpoints, and metrics and logs for monitoring.

Create an Azure virtual network and two subnets, 10.0.0.0/24 and 10.0.1.0/24, using the Azure CLI and Terraform from a resource group.

Learn to create an Azure Virtual Network (VNet) and two subnets using the Terraform provider, including a resource group, VNet spoke, and front-end and back-end subnets with specified address spaces.

Discover how network security groups filter traffic between virtual machines in subnets and Azure Virtual Networks, enforce zero trust, and control access using source, destination, ports, and protocol.

Explore azure network security groups (nsgs) that filter inbound and outbound traffic between vnet resources using source, destination, port, and protocol rules, at layer 3/4 and complementing layer 7 filtering.

Learn to deploy two Azure virtual machines with an nsg via Terraform, access via Azure Bastion, and install nginx with a custom script showing hostname and ip.

Terraform deploys an NSG on a subnet with no rules yet, while default Azure rules allow inbound and outbound traffic within the network and to the internet.

Add a deny outbound NSG rule in Azure, configured via portal or Terraform, using TCP with priority 900 to block all outbound traffic between the subnet front end servers.

Configure an Azure network security group to allow outbound TCP traffic from VM1 to VM2 on port 8080 using a Terraform rule with priority 800, testing connectivity with curl.

Learn to deploy an Azure virtual machine and Bastion with Terraform, secure the VM by disabling public endpoints, and access via a TLS-enabled Bastion in the same VNet.

Deploys a Terraform configuration to provision two Linux VMs and an Azure Bastion, installs nginx, and validates inter-VM connectivity via curl and ping through the Azure Bastion.

Azure virtual network peering privately connects VNets, enabling VM-to-VM traffic via the Microsoft backbone with non overlapping address ranges, featuring hub-and-spoke, mesh, and global peering.

Learn to create bidirectional VNet peering between two Azure virtual networks in the portal with non overlapping CIDR ranges. Configure remote virtual network, cross-subscription options, and direction-specific settings.

Create and configure VNet peering between two Azure networks using Terraform. Deploy two Linux VMs with Nginx via Bastion access and test connectivity.

Learn how Azure Bastion provides secure remote access to Azure virtual machines without public IPs, via TLS on the portal or CLI.

Learn how to create an Azure Bastion in the portal to securely connect to Azure virtual machines, including creating a subnet named Azure Bastion Subnet and a public IP.

connect to a Linux virtual machine using Azure Bastion with SSH and credentials (password or private key), then open the session in a new browser and manage concurrent connections.

Deploy Azure Bastion in an Azure Virtual Network to provide connectivity to machines in peered networks, with hub and spoke topology enabling a scalable, shared resource for concurrent sessions.

Discover how Azure Bastion provides connectivity to on-premises virtual machines using IP-based connections, compatible with ExpressRoute or VPN site-to-site setups.

Explore how Azure Bastion costs are driven by the chosen skew (developer, basic, standard), the number of VM scale set instances, and outbound data, with peering traffic priced differently.

Learn to connect to Azure virtual machines via Bastion, using native client or Azure CLI for SSH to Linux and RDP to Windows, with Terraform deployment.

Discover how Azure route tables and user defined routes enable egress routing through the Azure firewall or a network virtual appliance, overriding system routes to filter traffic in virtual networks.

Create a new route table in the Azure portal, configure routes with destination IP CIDR ranges and a virtual appliance as next hop, and attach the table to a subnet.

Learn to configure Azure route tables and UDR to redirect VM traffic through an Azure firewall in a hub-spoke network, enabling inter-spoke communication and end-to-end tracing via trace route.

Explore how azure firewall enables zero trust network access by filtering egress traffic with FQDNs at layer seven, bridging hub-and-spoke vnets via route tables and firewall policies.

Discover Azure Firewall, a security service that filters traffic between Azure resources and on premise networks. Learn to create firewall policies, NAT, and an Azure Firewall subnet in the portal.

Create an Azure firewall in the portal, attach it to a hub vnet with the subnet named Azure Firewall Subnet, and manage rules via a firewall policy.

Apply azure firewall policy application rules to allow a specific FQDN like Microsoft.com in a hub-and-spoke setup, routing traffic to the firewall's private IP with Terraform and testing the exception.

Define a hub-and-spoke azure firewall policy using network rules for layer 3 and 4 filtering to allow traffic from spoke one to spoke two, tested via ping.

configure azure firewall as a dns proxy to resolve private dns zones from spoke networks through the hub, leveraging custom dns settings and dns proxy policy.

Compare Azure firewall SKUs—basic, standard, and premium—highlighting processing bandwidth, DNS capabilities, web content filtering, and advanced threat features such as inbound termination, outbound termination, identity protection, and URL filtering.

Explore Azure firewall options and third-party firewall providers in Azure Marketplace, including Palo Alto, F5, Barracuda, Fortinet, Fortigate, Aviatrix, and Zscaler.

Discover how Azure firewall pricing hinges on deployment cost across basic, standard, and premium tiers and data processing per gigabyte for ingress and egress traffic; prices vary with usage.

Explain how Azure load balancer distributes traffic to virtual machines and VM scale sets, using front-end IP configuration, back-end pools, health checks, and public vs internal configurations.

Discover how Azure load balancer distributes traffic across multiple virtual machines to improve high availability and resiliency with a public IP entry point, health probes, and NSG rules.

Learn to create an Azure load balancer in the Azure portal, configure a front end with a new public IP, and understand back end pools, health probes, and basic routing.

Configure a load balancer to expose traffic via a front end public IP and distribute it to healthy VMs in a back end pool, with health probes and outbound rules.

Expose a web app on an Azure virtual machine via an Azure load balancer, routing to backend VMs with health probes and inbound/outbound rules, using Azure Bastion to install nginx.

Configure an Azure public load balancer to distribute traffic to a virtual network's virtual machine, using backend pools, health probes, and HTTP 80 rules, with NSG inbound access.

Explore how an internal (private) load balancer uses a private IP in a subnet to expose backend resources without a public IP, and its outbound access via Nat gateway.

Expose a web app on a virtual machine scale set with an internal load balancer, using nat gateway for egress and bastion access via a jump box, deploying nginx.

Configure an internal Azure load balancer to expose the web app behind a virtual machine scale set, using a static private front-end IP and health checks on port 80.

Azure load balancer uses health checks to route traffic only to healthy VMs in a three-instance scale set, demonstrating resilience when one instance fails.

Learn how Azure Application Gateway provides layer 7 load balancing for web apps, with URL and path-based routing, WAF protection, SSL termination, autoscaling, and routing to back-end pools.

Learn to create an Azure application gateway in the portal, attach it to a virtual network with a dedicated subnet, and configure front-end, back-end pool, and routing rules.

Deploy a three instance Ubuntu VM scale set behind an Azure application gateway, using a custom script to install Nginx and display hostname and IP on a private web page.

Configure Azure Application Gateway to route traffic to a web application running on a virtual machine scale set, using a backend pool and load balancing.

Learn to deploy an Azure application gateway with an Ubuntu VM scale set via Terraform, exposing a public IP on port 80 and routing to a three-instance NGINX web app.

Learn azure application gateway basics, including one public ip, internal and external ip, and v1 versus v2 behavior. Manage subnets, stop/start via cli, and tls certificates in azure key vault.

Explore how Azure application gateway routes traffic to pods in AKS clusters, using the application gateway ingress controller to track pod IP changes and update the back end configuration.

Explore the Azure application gateway pricing model based on resource creation, capacity unit, and inbound/outbound traffic, including hourly gateway costs, and monthly charges for WAF and scalable instances.

Compare Azure load balancers—Application Gateway, Front Door, Azure Load Balancer, Traffic Manager—to choose the right solution, noting private and global balancing and WAF availability with Application Gateway or Front Door.

Secure a web app behind Azure Application Gateway with a TLS certificate from Azure Key Vault, map a custom domain via Azure App Service domain and Terraform, and enforce HTTPS.