Express Architecture and design Flashcards
Point-to-Site VPN
1) simplest hybrid connection by which you can securely connect your local computer to an Azure virtual network.
2) No specific VPN devices are needed in this case.
3) Instead, you install a Windows VPN client through which you can connect to any VMs and Cloud Services within the virtual network.
Secure Socket Tunneling Protocol (SSTP)
1) you can establish the connection through firewalls and Network Address Translation (NAT).
2) It works well to support a small mobile workforce.
3) However, because each client PC in this case establishes a separate connection to the gateway, you are limited to the number of S2S tunnels that the gateway can support.
Point-to-Site enables scenarios
1) such as remote administration of cloud resources, troubleshooting, monitoring, and testing.
2) It can be applied to use cases such as remote education, mobile office, and occasional command and control.
Site-to-Site VPN
1) need a public-facing IPv4 address
2) compatible VPN device, or Routing and Remote Access Service (RRAS) running on Windows Server 2012.
3) VPNs go through the public Internet, so there’s no SLA to guarantee the connectivity
ExpressRoute
1) private connections between your on-premises datacenters and Azure datacenters
2) These connections don’t go through the public Internet, and you can get connectivity SLAs from your selected service providers
vNet-to-vNet VPN
1) you can connect two virtual networks on Azure by using a VPN connection
Multi-site VPN
1) to join multiple on-premises networks
2) hub-and-spoke topology
hybrid solution options
1) Service Bus Relay - expose your WCF services by registering a relay endpoint. Even if your service is behind a firewall and on a NAT, service consumers can still access the service via the public relay endpoint.
2) API Management - using Azure API Management, you can modernize, manage, protect, and monitor your existing APIs hosted either on-premises or in the cloud.
Reaching back to on-premises
1) your cloud-based services need to reach back to your on-premises resources such as databases in your local datacenter.
2) You can use Azure App Service BizTalk API Apps Hybrid Connection to connect your web applications back to any on-premises resources that use a static TCP port, such as SQL database and Web APIs.