๐ What is Azure Virtual Network (VNet)?
An Azure Virtual Network (VNet) is a logically isolated section of the Azure cloud dedicated to your subscription. It allows you to define a private IP address space, subnets, route tables, and network security groups to control network traffic and connectivity for Azure resources.
"VNet is foundational to Azure networking. Understand the difference between public and private IP addresses. Exam questions often involve scenarios requiring connectivity between VNets, on-premises networks (via VPN or ExpressRoute), and the internet. Know the purpose of Network Security Groups (NSGs)."
๐ Certification: Microsoft Azure Fundamentals (AZ-900)
๐ What are the Key Concepts of Azure Virtual Network (VNet)?
- โธ VNets provide a private IP address space, allowing resources to communicate securely without exposing public IPs directly.
- โธ Subnets segment the VNet, enabling you to organize resources and apply different network policies to each segment.
- โธ Network Security Groups (NSGs) act as virtual firewalls, controlling inbound and outbound network traffic at the subnet or NIC level.
- โธ VNets can be peered with other VNets to enable connectivity between them, creating a larger, unified network.
- โธ Azure offers both regional VNets (confined to a single region) and global VNets (using services like Virtual WAN for broader reach).
๐ฏ How does Azure Virtual Network (VNet) appear on the AZ-900 Exam?
You may be asked to identify the correct Azure service to create a logically isolated network for a new web application deployment, ensuring security and control over network traffic.
A scenario might describe a company needing to connect their on-premises network to Azure โ expect questions about VPN Gateways and their role within a VNet.
Expect questions about troubleshooting connectivity issues between VMs within the same VNet, focusing on NSG rules and routing configurations.
โ Frequently Asked Questions
Can resources in different VNets communicate directly?
No, resources in different VNets cannot communicate directly unless VNet peering is configured. Peering establishes a direct connection, allowing traffic to flow between the networks.
What's the difference between a VNet and a subnet?
A VNet is the overall network, while a subnet is a division *within* that network. Think of a VNet as a city and subnets as neighborhoods โ resources are deployed into subnets.
How do NSGs differ from Azure Firewall?
NSGs provide layer 3 and 4 filtering at the subnet or NIC level, while Azure Firewall is a managed, cloud-based network security service offering more advanced features like threat intelligence and application-level filtering.