3 Implementing network security in Azure: Firewall, WAF, and DDoS protection
This chapter covers
- What is Azure network security, actually?
- Azure Firewall
- Azure Web Application Firewall
- Mitigating DDoS attacks
Networking continues to be a fundamental building block of any public cloud environment. Understanding how to implement a secure network infrastructure in Azure, is what this chapter teaches you. In it, you learn how to differentiate between the various network security services in Azure and implement them effectively.
Note
To follow along the exercises in this chapter, you can use the GitHub repository available at https://github.com/bmagusic/azure-security.
Along the way, I introduce you to a couple of additional models and concepts, which make it easier to understand how to implement network security in Azure. You learn this on an example of securing resources in Azure and providing secure access to these resources through the implementation of native network security services. These native network security services are commonly referred to as Azure network security.
3.1 What is Azure network security, actually?
Azure network security is a set of Azure services that you can use to implement a secure network infrastructure in Azure. The network security services that this chapter teaches you are the following:
- Azure Firewall Standard
- Azure Firewall Premium
- Azure Web Application Firewall
- Azure DDoS Protection Basic
- Azure DDoS Protection Standard