Episode Details

Back to Episodes
Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 5: Azure Network Infrastructure and Security

Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 5: Azure Network Infrastructure and Security

Published 1 month, 3 weeks ago
Description
In this lesson, you’ll learn about securing Azure network infrastructure and managing hybrid connectivity in Microsoft Azure:Remote Access Management
  • Applying operational security best practices:
    • Using dedicated admin workstations to protect credentials
  • Securely accessing virtual machines using:
    • Azure Bastion for RDP/SSH over SSL via the Azure portal
  • Eliminating exposure of public IPs for management access
Hybrid Networking Solutions
  • Connecting on-premises infrastructure to Azure:
    • Azure VPN for encrypted tunnels over the public internet
    • ExpressRoute for private, high-speed enterprise connections
    • Network Virtual Appliances (NVAs) for advanced third-party firewall and security capabilities
  • Choosing the right solution based on:
    • Performance requirements
    • Security needs
    • Cost considerations
Azure Firewall Implementation
  • Deploying Azure Firewall as a centralized security layer
  • Configuring:
    • Network rules (IP + ports filtering)
    • Application rules (FQDN-based filtering)
  • Integrating within a hub-and-spoke architecture for:
    • Centralized traffic inspection
    • Simplified security management
Global Application Delivery & Protection
  • Using Azure Front Door for:
    • Layer 7 load balancing
    • SSL termination
    • High-performance global routing
  • Enhancing protection with Azure Web Application Firewall (WAF):
    • Blocking SQL injection and XSS attacks
    • Applying geo-filtering policies
    • Mitigating DDoS attacks
Hands-On Implementation
  • Deploying multi-region backend infrastructure
  • Configuring:
    • Custom domains with SSL certificates
    • WAF policies for traffic filtering and threat mitigation
Key Takeaways
  • Secure access starts with controlled entry points (like Azure Bastion)
  • Hybrid connectivity requires balancing security, speed, and cost
  • Centralized security (Azure Firewall + hub-spoke) improves visibility and control
  • Edge services (Front Door + WAF) are critical for performance and protection at scale
This lesson equips you with the knowledge to design secure, scalable, and globally accessible Azure network architectures.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us