Network segmentation and design
Setting up virtual networks and virtual machines, assigning them public IP addresses, and making them publicly available in Microsoft Azure is easy. Azure also provides over 50 regions across the globe that we can use to create services in different geographies and make them available to our end users.
However, we should always start by building a secure foundation, so that services are exposed only in a secure manner: either through a secure gateway or, if you have web services, behind a web application firewall.
It is also important to have a network design in which service-to-service traffic goes through a centralized firewall instead of over the public internet, with micro-segmentation in place so that all services run with minimal exposure.
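The three design goals above can be checked mechanically against a description of each subnet. The following is an added example, not code from the original text: the subnet names, addresses, and the `role` label are constructed, the dictionary layout is a simplified assumption, and only the rule and route field names (`direction`, `access`, `sourceAddressPrefix`, `destinationPortRange`, `addressPrefix`, `nextHopType`) follow Azure network security group and route table properties.

```python
# Added example: audits constructed subnet descriptions against the design goals.
# Default NSG rules and priority ordering are deliberately not modelled.
ANY_SOURCE = {"*", "Internet", "0.0.0.0/0"}

def rule(name, src, port):
    """Build an inbound allow rule using Azure NSG property names."""
    return {"name": name, "direction": "Inbound", "access": "Allow",
            "sourceAddressPrefix": src, "destinationPortRange": port}

def audit_subnet(subnet):
    """Return the list of design findings for one subnet."""
    findings = []
    # "role" is a hypothetical label marking the secure entry point (gateway or WAF).
    is_edge = subnet["role"] in ("gateway", "waf")
    for r in subnet["nsg_rules"]:
        if r["direction"] != "Inbound" or r["access"] != "Allow":
            continue
        src, port = r["sourceAddressPrefix"], r["destinationPortRange"]
        if src in ANY_SOURCE and not is_edge:
            findings.append(f"{r['name']}: internet-reachable without gateway/WAF")
        if src == "VirtualNetwork" and port == "*":
            findings.append(f"{r['name']}: all ports open east-west")
    # Workload subnets should send non-local traffic to the central firewall.
    default = [r for r in subnet["routes"] if r["addressPrefix"] == "0.0.0.0/0"]
    if not is_edge and not any(r["nextHopType"] == "VirtualAppliance" for r in default):
        findings.append("no default route via central firewall")
    return findings

def audit(subnets):
    """Map each subnet name to its findings."""
    return {s["name"]: audit_subnet(s) for s in subnets}

# Constructed sample: one WAF subnet, one segmented workload, one exposed workload.
FW_ROUTE = {"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance",
            "nextHopIpAddress": "10.0.0.4"}
SUBNETS = [
    {"name": "snet-waf", "role": "waf", "routes": [],
     "nsg_rules": [rule("allow-https", "Internet", "443")]},
    {"name": "snet-app", "role": "workload", "routes": [FW_ROUTE],
     "nsg_rules": [rule("allow-from-waf", "10.0.1.0/24", "8443")]},
    {"name": "snet-legacy", "role": "workload", "routes": [],
     "nsg_rules": [rule("allow-rdp", "*", "3389"),
                   rule("allow-vnet-all", "VirtualNetwork", "*")]},
]

if __name__ == "__main__":
    for name, findings in audit(SUBNETS).items():
        print(name, findings or "ok")
```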
While Azure has become a large ecosystem with many possibilities in terms of how you should design a secure infrastructure, fortunately, Microsoft has...