Networking architecture design
This article provides information about sample architectures, solutions, and guides that can help you explore networking in Azure.
Designing and implementing Azure networking capabilities is a critical part of your cloud solution. You'll need to make networking design decisions to properly support your workloads and services.
Azure provides a wide range of networking tools and capabilities. These are just some of the key networking services available in Azure:
- Azure Virtual Network. Provision private networks, and optionally connect to on-premises datacenters.
- Azure Virtual WAN. Optimize and automate branch-to-branch connectivity.
- Azure Private Link. Enable private access to services that are hosted on the Azure platform while keeping your data on the Microsoft network.
- Azure Firewall. Provide protection for your Azure Virtual Network resources.
- Azure Application Gateway. Build highly secure, scalable, highly available web front ends.
- Azure ExpressRoute. Create a fast, reliable, and private connection to Azure.
- Azure Load Balancer. Deliver high availability and network performance to your apps.
- Azure VPN Gateway. Establish high security cross-premises connectivity.
For information about more Azure networking services, see Azure networking.
Introduction to networking on Azure
If you're new to networking on Azure, the best way to learn more is with Microsoft Learn training, a free online training platform. Microsoft Learn provides interactive training for Microsoft products and more.
Here's a good introduction to Azure networking:
And here's a comprehensive learning path:
Path to production
Consider these technologies and solutions as you plan and implement your deployment:
- Azure Firewall architecture overview
- Azure Private Link in a hub-and-spoke network
- Recommendations for using availability zones and regions
- Choose between virtual network peering and VPN gateways
- Use Azure ExpressRoute with Microsoft Power Platform
Best practices
The Azure Well-Architected Framework is a set of guiding tenets, based on five pillars, that you can use to improve the quality of your architectures. These articles apply the pillars to the use of some Azure networking services:
The Cloud Adoption Framework is a collection of documentation, implementation guidance, best practices, and tools that are designed to accelerate your cloud adoption. You might find these articles helpful as you plan and implement your networking solution:
Networking architectures
The following sections, organized by category, provide links to sample networking architectures.
High availability
Hybrid networking
- Design a hybrid Domain Name System solution with Azure
- Hybrid availability and performance monitoring
- Implement a secure hybrid network
Hub-and-spoke topology
Virtual WAN
- Global transit network architecture and Virtual WAN
- Interconnect with China using Azure Virtual WAN and Secure Hub
- Migrate to Azure Virtual WAN
- SD-WAN connectivity architecture with Azure Virtual WAN
- Virtual WAN network topology (Microsoft-managed)
- Virtual WAN architecture optimized for department-specific requirements
- Hub-and-spoke network topology with Azure Virtual WAN
Multi-region networking
Stay current with networking
Get the latest updates on Azure networking products and features.
Additional resources
Example solutions
These are some additional sample networking architectures:
- Traditional Azure networking topology
- What is an Azure landing zone?
- Multitenant SaaS on Azure
- Baseline highly available zone-redundant web application
- Network topology and connectivity for Azure VMware Solution
- Private Link and DNS integration at scale
- Trusted Internet Connection (TIC) 3.0 compliance for internet-facing applications
- Update route tables by using Azure Route Server
AWS or Google Cloud professionals
These articles provide service mapping and comparison between Azure and other cloud services. They can help you ramp up quickly on Azure.