2.7 Creating Virtual Networks

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

18 hours 43 minutes
Video Transcription
Welcome back. In this episode, we're gonna dive into creating virtual networks and what that looks like out in our azure portal
by learning objectives include planning virtual networks and then creating virtual networks.
So let's talk a little bit about planing virtual networks. First, all leisure resource is have to have a name
in the previous storage account episodes. Those names had to be globally unique across all of azure. For virtual networks, we have a little bit more leeway. The name of a virtual network must be unique within a resource group, but it can be duplicated within the subscription or region.
While starting out. You might name things like network one or my network, but you'll need to start thinking about a naming convention. Tohave
for your resource is Inside of Azure.
Microsoft has examples for had a name, different resources and for virtual networks. They recommend naming it after the service it will provide, followed by Dash V Net, for example, a production Web network might be proud. Webb Dash Peanut
azure resource is must be associated to a region upon creation. When creating a virtual network, you'll need to know that when creating future resource is that will be placed in the virtual network. The resource is must be deployed to the same region.
For example, I couldn't have a virtual network in the East US and deploy virtual machine to it from the West US.
So when deploying your virtual networks, he'll need to think about the resource is you'll be deploying and choose. The region closest to the users of the resource is, if you have an office in New York City, it probably wouldn't make a lot of sense to deploy resources and the West US region. You probably want to look at the east US region
now. We've already talked about how sub nets inside the same V net can automatically communicate with each other. If you need different V nets to communicate with each other, you'll need to create a veena period to connect them together.
Finally, you also need to consider any compliance or regulatory requirements when deploying. Resource is, this could affect what region or country resource is our two pulley to inside your as your environment.
Venus are segmented into multiple seven. It's in fact, when you create a V net you were required to define the first submit in the V Net in the portal,
each seven it in the V Net has to have a unique address range that falls within the range of the V net. Thes seven it ranges cannot overlap with the other submits in the virtual network,
and this is where your sub knitting skills are gonna become very helpful. Azure will route traffic between the difference of nets automatically. There's no need to create ratting tables out of the box. However. You can override these default routing so you can prevent. Submit the sub net traffic. Or you can force traffic
to first pass through a virtual network appliance, say a firewall for filtering rules.
In addition to rout tables, you can also use network security groups or in SGS on individual submits to allowed nine different types of traffic based on port protocol and I P addresses. So you can further control the traffic between the sub nets.
When creating virtual networks, you'll need to plan out some of the information listed in this table, and these are things we've already been discussing. You'll need to know the name of the sub net, the overarching address face for it what subscription resource group and region it will need to be assigned to. And finally, you'll need to find the first submit in the virtual network.
But enough talk. Let's jump over to our azure portal and create a virtual network.
Here we are, back in our azure portal. And as I mentioned in the previous episode, there's lots of different ways to do things inside the azure portal for creating the virtual networks in this demo. First, we're gonna go over and click on Create a Resource
in the azure marketplace. We're gonna scroll down and select networking
and then scroll back up and choose Virtual Network.
Next, our create virtual network page comes up, and the information we're looking for here should look pretty familiar. This is what we just covered in our last slide. So let's go ahead and give our virtual network and name.
We'll give it an address space.
Our subscription is already selected to our Microsoft Azure standard, so let's go ahead and select a resource group already have one creative called network demo.
I'm gonna leave the location as the East us, but as we mentioned in the slides, you'll want to select one that makes sense for the resource is you're gonna be deploying
or for access to your end users wherever they may be located.
Finally, we're going to create our first sub net within the virtual network.
Let's give it a name
and select the address range
you'll see here. It's going to validate the address range that we put in one to make sure that is unique within the virtual network. And to that it is within the range that we defined above.
This particular range is gonna give us 256 addresses
for right now. We're gonna leave the rest of these settings the same and go ahead and click on Create to create a virtual network.
Now that our deployment is complete over on the left side under our favorite resource is let's click on virtual Networks
and we'll see the virtual network we just created. Let's click on it to check out some of its properties.
Here you can see the resource group, the location, the subscription and the address space,
which match what we used when creating it.
When we created the virtual network, we only defined one sub net and often times within the virtual network. You'll probably want more sub nets. So under settings, let's click on submits.
Here you can see the first sub net, so let's go ahead and create a couple more
here. We'll need to give the new sub net a name
and you can see the address. Space is defaulted to a new name, which is the next address range in our sub net, based on the 1st 1 we created
and a little bit more information here. Previously, we said we had 256 addresses available, but you'll see right down here that it's actually 251.
The 1st 5 I P addresses in the sub net our azure reserved addresses
and then for this sub net, an option we didn't have previously. We could assign a network security group or a roundtable. We're not gonna cover those concepts just yet. They will be available in upcoming episodes.
Finally, let's click on okay to create another sub net.
There we have it, another sub net to our virtual network.
Now here we have to find a sub net within this virtual network. But what we can also do is add another actress space if we wanted.
Let's click on settings address space,
and here you can see the address range we used when we first created the virtual network. But if we wanted to, we could add an additional address range as long as it doesn't overlap.
Some validation is performed to make sure doesn't overlap. And there you have it. Another address. Space for our virtual network. Once you've added the additional address range, click on Save.
And now that this additional address space has been added, let's go back to sub nets.
Let's go ahead and try to add another submit in our new address space
in this sub net. Using the new address, space was added successfully.
That does it for a demo for creating virtual networks, adding address spaces and sub nets. Let's jump back over to the slides to wrap this up. Let's finish up this episode with a quick post assessment question, and this is gonna be a little different. True or false. In orderto have network connectivity between V net sub nets, I need to create appearing connection.
This is false.
Sub nets inside the same veena already have connective ity between them, automatically so you don't need to create appearing connection. You only need to create appearing connection if you want tohave connectivity between different virtual networks.
Now that we've already created our virtual network and our next up. So we're gonna talk a little bit about managing virtual networks and some of the settings around them.
See you in the next episode.
Up Next