Summary
In this chapter, we addressed network security, and prior to that, we saw how to manage cloud identities. We need to remember that network security doesn't stop with IaaS and VNets. Network security basics are usually associated with VNets and NSGs. But even with IaaS, it does not stop there, and we have options to extend with an NVA or Azure Firewall. With PaaS, we can leverage VNet's service endpoints, but extend security with services such as Application Gateway or Azure Front Door.
However, with all the preclusions limiting who, how, when, and from where we can access our resources, we still need to handle sensitive information and data. The next chapter will address how we can manage certificates, secrets, passwords, and connection strings using Azure Key Vault.
