Saturday, June 12, 2021

Azure Software defined networking features:


Introduction: Azure is a public cloud with a portfolio of services. Azure Networking is one of the core services in the portfolio and offers Network-as-a-service functionality. This article discusses some of the main features of this service.

Description: Networking is all about links and communication. It involves layers of protocols, a mix of network topologies, hybrid equipment, naming and resolving mechanisms, access controls and policy specifications, and a variety of management and troubleshooting tools and services. Azure ExpressRoute provides optimal routing for best performance. By default, traffic travels over the Microsoft Global Network, which is often referred to as cold potato routing. Inter-availability-zone and inter-region connectivity provides low latency and geographical networking. The traffic routes between Azure and the internet can be determined with routing preference. Azure Load Balancer provides high performance with low latency.

There are manageability features that allow the management of on-premises, multi-cloud, 5G, and edge deployments. Connection is provided via Azure Virtual WAN, and the edge and 5G scenarios are enabled with Edge Zones, Edge Zones with Carrier, or private edge zones. These networks are secured by zero-trust-based network security, which involves segmentation and the use of Azure WAF and Azure Bastion. There is intelligent threat detection with Azure DDoS Protection. Private connectivity is available via Azure Private Link. Azure Network Virtual Appliance and Remote Access Service can provide end-to-end IP tunneling.

Network as a service features easy-to-use, scalable services and tools. Traffic is managed via Azure App Gateway and protected via Azure WAF. Azure Front Door helps define and monitor global routing. Firewall capabilities are turned on with Azure Firewall. VNet NAT is used to ensure reliable network address translation and can provide outbound connectivity.

Software-defined networking is built into each Windows Server. When IT wants the ability to deploy applications quickly, SDN and Network Controller can be used, and policy can be managed with PowerShell. Hyper-V and Network Controller can be used to create VXLAN overlays, which do not require re-assignment of IP addresses. Hybrid SDN gateways can be used to assign and manage resources independently.

There is greater security and isolation of workloads with the use of network security groups and distributed firewall for micro-segmentation. North-South internet traffic and East-West intranet traffic can be established differently. User-defined routing can be configured, and service chains can be established with third-party appliances such as a firewall, load balancer or content inspection. Cost is driven down by converging storage and network on Ethernet, and activating Remote Direct Memory Access (RDMA).
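The micro-segmentation point above, as an added example that is not part of the original post: a simplified Python model of NSG-style rule evaluation (lowest priority number first, first match wins) showing which East-West ports stay open until an explicit deny is placed ahead of the default intra-VNet allow. The address ranges, rule names and tier layout are constructed, and the default rules are modelled with a plain CIDR rather than Azure's VirtualNetwork service tag.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

VNET = ipaddress.ip_network("10.0.0.0/16")  # constructed VNet address space

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int          # lower number is evaluated first, as in Azure NSGs
    source: str            # CIDR prefix or "*"
    dest: str              # CIDR prefix or "*"
    port: Optional[int]    # None means any port
    access: str            # "Allow" or "Deny"

def _match(prefix, ip):
    return prefix == "*" or ipaddress.ip_address(ip) in ipaddress.ip_network(prefix)

def direction(src, dst):
    """East-West when both endpoints are inside the VNet, otherwise North-South."""
    inside = all(ipaddress.ip_address(a) in VNET for a in (src, dst))
    return "east-west" if inside else "north-south"

def evaluate(rules, src, dst, port):
    """Return (access, rule name) of the first match by ascending priority."""
    for r in sorted(rules, key=lambda r: r.priority):
        if _match(r.source, src) and _match(r.dest, dst) and r.port in (None, port):
            return r.access, r.name
    return "Deny", "implicit"

def allowed_east_west(rules, src, dst, ports):
    """Ports on which src reaches dst when both sit inside the VNet."""
    if direction(src, dst) != "east-west":
        return []
    return [p for p in ports if evaluate(rules, src, dst, p)[0] == "Allow"]

# Constructed tiers: web 10.0.1.0/24, database 10.0.2.0/24.
DEFAULTS = [  # simplified model of Azure's default inbound rules
    Rule("AllowVnetInBound", 65000, "10.0.0.0/16", "10.0.0.0/16", None, "Allow"),
    Rule("DenyAllInBound", 65500, "*", "*", None, "Deny"),
]
TIERS = [
    Rule("web-https-in", 100, "*", "10.0.1.0/24", 443, "Allow"),              # North-South
    Rule("web-to-db-sql", 200, "10.0.1.0/24", "10.0.2.0/24", 1433, "Allow"),  # East-West
]
SEGMENTED = TIERS + [Rule("deny-intra-vnet", 4096, "10.0.0.0/16", "10.0.0.0/16", None, "Deny")]

if __name__ == "__main__":
    for label, rules in (("defaults only", TIERS + DEFAULTS), ("segmented", SEGMENTED + DEFAULTS)):
        print(label, allowed_east_west(rules, "10.0.1.5", "10.0.2.7", [22, 1433, 3389]))
```

With only the tier rules, the web host still reaches the database host on every probed port through the default intra-VNet allow; the explicit deny at priority 4096 leaves only the SQL port open.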

 

 
