💻
AZ-900 Notes
  • Intro to me
  • CAPEX vs OPEX
    • CAPEX vs OPEX
  • Core Azure Things
    • Regions
    • Region Pairs
    • Geographies
    • Availability Options
    • Availability Sets
    • Availability Zones
    • Resource Groups
    • Resource Manager
  • Compute
    • Virtual Machines
    • Virtual Machine Scale Sets
    • App Service
    • Functions
  • Container
    • Container Instances
    • Kubernetes Service
  • Networking
    • Virtual Network
    • Load Balancer
    • Virtual Private Network (VPN) Gateway
    • Application Gateway
    • Content Delivery Network
  • Storage
    • Disk Storage
    • Containers (Blobs)
    • Files
    • Queues
    • Tables Storage
  • Database
    • Cosmos DB
    • SQL Database
    • Database Migration
  • Marketplace
    • Marketplace
  • Internet of Things (IoT)
    • IoT Central
    • IoT Hub
  • Big Data and Analytics
    • Synapse Analytics
    • HDInsight
    • Data Lake Analytics
  • Artificial Intelligence
    • Cognitive Services
    • Machine Learning Service
    • Bot Service
  • Serverless Computing
    • Functions
    • Logic Apps
    • Event Grid
  • DevOps
    • Azure Boards
    • Azure Pipelines
    • Azure Repos
    • Azure Test Plans
    • Azure Artifacts
    • DevOps Services
    • Lab Services
  • App Service
    • App Service
  • Management Tools
    • Portal
    • PowerShell
    • Command Line Interface (CLI)
    • Cloud Shell
    • Mobile App
    • REST API
  • Azure Advisor
    • Azure Advisor
  • Securing Networks
    • Azure Firewall
    • Azure Distributed Denial of Service protection
    • Network Security Groups
    • Application Security Groups
    • Network Security Solutions
  • Identity
    • Authentication vs Authorization
    • Active Directory
    • Multi-Factor Authentication
  • Security Tools and Features
    • Security Centre
    • Key Vault
    • Azure Information Protection (AIP)
    • Advanced Threat Protection (ATP)
  • Azure Governance
    • Azure Policy
    • Implementing Azure Policy
    • Policy Initiatives
    • Role-Based Access Control (RBAC)
    • Resource Locks
    • Blueprints
    • Subscription Governance
  • Monitoring
    • Tags
    • Azure Monitor
    • Azure Service Health
    • Monitoring
  • Privacy and Compliance
    • Compliance
    • Microsoft Privacy Statement
    • Trust Centre
    • Service Trust Portal
    • Azure Government Services
    • Azure China 21Vianet
    • Azure Germany
  • Azure Subscriptions
    • Azure Subscriptions
    • Subscriptions Offers
    • Azure Free Account
    • Management Groups
    • Support Plans
  • Managing Costs
    • Purchasing Azure Resources
    • Factors affecting costs
    • Zones For Billing Purposes
    • Pricing Calculator
    • Total Cost of Ownership Calculator
    • Cost Management
    • Costs Best Practices
  • Service Level Agreements (SLAs)
    • Service Level Agreements (SLAs)
    • SLAs Percentages
    • Composite SLA
    • Application SLA
  • Service Lifecycle
    • Public and Private Preview
    • How to access Previews
    • How to access Portal Previews
    • General Availability
    • Monitor updates
Powered by GitBook
On this page
  • Perimeter Layer
  • Network layer
  • Combine services

Was this helpful?

  1. Securing Networks

Network Security Solutions

Perimeter Layer

  • Protecting organizations from network-based attacks against your resources.

  • Identifying these attacks, alerting, and eliminating their impact is important to keep your network secure.

  • Use Azure DDoS Protection to filter large-scale attacks before they can cause a denial of service for end users.

  • Use perimeter firewalls with Azure Firewall to identify and alert on malicious attacks against your network.

Network layer

  • Limiting network connectivity across all your resources to only allow what is required.

  • Restrict communication to only what is needed - you reduce the risk of lateral movement throughout your network from an attack.

  • Use NSGs to create rules about inbound and outbound communication at this layer.

  • Limit communication between resources through segmenting your network and configuring access controls.

  • Deny by default.

Combine services

  • Combine multiple Azure networking and security services to manage your network security and provide increased layered protection.

  • Network security groups and Azure Firewall.

  • Application Gateway WAF and Azure Firewall.

PreviousApplication Security GroupsNextAuthentication vs Authorization

Last updated 4 years ago

Was this helpful?