How DNS WorksTo properly understand the various DNS services and features available in Azure, it is first necessary to understand how the domain name system works. In particular, it is important to understand the different roles played by recursive and authoritative DNS servers, and how a DNS query is routed to the correct DNS name…

Skill 4.3: Configure name resolution and load balancing Humans work with names, but computers prefer IP addresses. Fundamentally, DNS is about mapping names to IP addresses, making name-based rather than IP-based networking possible. Simplifying somewhat, a client makes a DNS query containing a domain name and receives a response containing the IP address for that…

Configure private endpoints for Azure servicesPrivate endpoints take the concept of service endpoints one step further. In the same scenario of a VM in subnet0 trying to communicate with a storage account, in addition to using a pri- vate IP address as the source IP address, the destination IP address will also be private. Private…

Configure service endpoints for Azure servicesBy default in Azure, PaaS services are accessible using a public endpoint that resolves to a public IP address. When a VM in a subnet accesses this service, for example a storage account, the network and routing from the VM translates the source IP to the IP of the VNet…

Deploy and configure Azure Bastion ServiceGenerally, you connect to remote virtual machines with either RDP or SSH. To do so, you either need to assign a public IP address (with the RDP/SSH port exposed) to the VM to which you are trying to connect, or you need to provision an additional jump server, assign a…

Create and configure an application security groupApplication security groups (ASGs) are separate objects that you create in your Azure subscrip- tion. You can think of an ASG like a group object in an identity system–members of the group have the permissions and access that are assigned to the group. ASGs work in a similar way—…