2. Azure ExpressRoute Direct gives you the ability to enable up to 100 Gbps con-
nectivity directly into Microsoft’s global network at strategically distributed peer-
ing locations. This supports massive data ingestion scenarios into Azure storage
and other big data services.
3. Azure Firewall: Up until now, securing the traffic flows and control of one’s
Azure environment would usually require the deployment of network virtual
appliances (NVAs) using third-party solution providers, such as Barracuda, Forti-
net, Palo Alto, etc. However, these NVAs would follow a traditional IaaS-based
deployment, with scaling and availability being the key considerations to ensure
adequate security SLAs. Azure Firewall is a managed, cloud-based network secu-
rity service with built-in high availability and scalability. Additionally, this service
will expand out to third-party vendors to provide SaaS-based security policy
management capabilities across Azure.
4. Azure Front Door Service: We often work with customers to deploy highly avail-
able web-based applications on Azure on a global scale, with key requirements
such as low application loading times and global load balancing, without compro-
Spoke 1
L3-L7 Connectivity
Policies
NAT, Network and
Application traffic filter-
ing rules allows Inbound/
Outbound access
Spoke 2
Azure to
On-Prem
traffic filtering
Spoke VNets
Central
VNet
On-Premises
Figure 8: Azure Firewall
34 | THE DOPPLER |
WINTER 2019
Traffic is denied
by default