SlideShare uma empresa Scribd logo

Microsoft Azure Hub_Spoke_Ampliado.pptx

Transferir como PPTX, PDF
A
Alejandro Daricz

Azure

Tecnologia
1 de 12
Azure Landing Zone (Azure Firewall/WAF) Azure Firewall: On-premises network Gateway subnet UDR Management subnet Hub VNet Web tier Business tier Data tier App Services Managed Database Jumpbox VNet Peering (Bidirectional) VNet Peering (Bidirectional) VNet (Spoke 1) VNet (Spoke 2) 1
Azure Landing Zone (NVA) On-premises network Gateway subnet UDR Management subnet Hub VNet Web tier Business tier Data tier VNet (Spoke 2) App Services Managed Database VNet Peering (Bidirectional) Jumpbox Availability set Public DMZ in Public DMZ out Availability set Private DMZ in Private DMZ out VNet Peering (Bidirectional) VNet (Spoke 1) https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/secure-vnet-dmz 2 NVA NVA NVA NVA
Hub and Spoke Topology Benefits Drawbacks Hub & Spoke  Easier to manage shared services  Lower licensing costs  Improved segregation  Easy to scale  Single point of failure  Overhead of managing UDRs Simplified  No single point of failure  Duplication of shared services (Firewall, SIEM)  Higher licensing costs  Challenging to scale VPN Client On-premises Network HQ On-premises Network Site 2 Hub VNet Hub Subnets P2S VPN Tunnel S2S VPN Tunnel Gateway Subnet Spoke 2 VNet Spoke 1 Subnets Spoke 2 VNet Spoke 2 Subnets Spoke 3 VNet Spoke 3 Subnets Spoke 4 VNet Spoke 4 Subnets HTTP/ HTTPS 3
Azure Network Architecture: Deployment to Primary Azure Region On-premises Network HQ Internet VNet Peering (Bidirectional) Prod Subscription Prod Resource Group(s)* Prod VNet (Spoke 3) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Prod Management Group Gateway Subnet Hub VNet Firewall Subnet SIEM Subnet WAF Subnet Management Subnet 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/yy Hub Resource Group(s)* Hub Subscription Hub Management Group VNet Peering (Bidirectional) VNet Peering (Bidirectional) Non-Prod Subscription Dev Resource Group(s)* Non-Prod Management Group Dev VNet (Spoke 1) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test VNet (Spoke 2) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test Resource Group(s)* Additional Resource Groups will be used for Azure resources as required for better resource management and security control * P2S VPN Tunnel S2S VPN Tunnel HTTP/HTTPS VPN Client On-premises Network Site 2 S2S VPN Tunnel 5
Azure Network Architecture: with animation VNet Peering (Bidirectional) Prod Subscription Prod Resource Group(s)* Prod VNet (Spoke 3) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Prod Management Group Non-Prod Subscription Dev Resource Group(s)* Non-Prod Management Group Dev VNet (Spoke 1) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test VNet (Spoke 2) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Gateway Subnet Hub VNet Firewall Subnet SIEM Subnet WAF Subnet Management Subnet 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/yy Hub Resource Group(s)* Hub Subscription Hub Management Group Test Resource Group(s)* VNet Peering (Bidirectional) VNet Peering (Bidirectional) Additional Resource Groups will be used for Azure resources as required for better resource management and security control * On-premises Network HQ Internet P2S VPN Tunnel S2S VPN Tunnel HTTP/HTTPS VPN Client On-premises Network Site 2 S2S VPN Tunnel 6
Microsoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx
Microsoft Azure Hub_Spoke_Ampliado.pptx

Recomendados

Azure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksAzure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksMatthias Güntert
 
Azure Hub spoke v1.0
Azure Hub spoke v1.0Azure Hub spoke v1.0
Azure Hub spoke v1.0Sayed Ashraf Kazi
 
VMware vSphere Networking deep dive
VMware vSphere Networking deep diveVMware vSphere Networking deep dive
VMware vSphere Networking deep diveSanjeev Kumar
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
Virtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareVirtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareDuncan Epping
 
An Introduction To Server Virtualisation
An Introduction To Server VirtualisationAn Introduction To Server Virtualisation
An Introduction To Server VirtualisationAlan McSweeney
 
Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Jürgen Ambrosi
 
Aci presentation
Aci presentationAci presentation
Aci presentationJoe Ryan
 

Recomendados

Azure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksAzure Service Endpoints vs. Private Links
Azure Service Endpoints vs. Private LinksMatthias Güntert
 
Azure Hub spoke v1.0
Azure Hub spoke v1.0Azure Hub spoke v1.0
Azure Hub spoke v1.0Sayed Ashraf Kazi
 
VMware vSphere Networking deep dive
VMware vSphere Networking deep diveVMware vSphere Networking deep dive
VMware vSphere Networking deep diveSanjeev Kumar
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
Virtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareVirtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareDuncan Epping
 
An Introduction To Server Virtualisation
An Introduction To Server VirtualisationAn Introduction To Server Virtualisation
An Introduction To Server VirtualisationAlan McSweeney
 
Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Jürgen Ambrosi
 
Aci presentation
Aci presentationAci presentation
Aci presentationJoe Ryan
 
VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentationvirtualsouthwest
 
Reference design for v mware nsx
Reference design for v mware nsxReference design for v mware nsx
Reference design for v mware nsxsolarisyougood
 
Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking Colt Technology Services
 
TechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSTechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSRobb Boyd
 
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxVMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxBradLai3
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptxRazith2
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN Ashutosh Kaushik
 
Benefits Of Building Private Cloud
Benefits Of Building Private CloudBenefits Of Building Private Cloud
Benefits Of Building Private Clouddinobusalachi
 
VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2Vepsun Technologies
 
On Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptxOn Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptxGauravtiwari559291
 
Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)Motty Ben Atia
 
VSAN – Architettura e Design
VSAN – Architettura e DesignVSAN – Architettura e Design
VSAN – Architettura e DesignVMUG IT
 
Avaya Aura System Manager
Avaya Aura System ManagerAvaya Aura System Manager
Avaya Aura System ManagerMotty Ben Atia
 
ISE-802.1X-MAB
ISE-802.1X-MABISE-802.1X-MAB
ISE-802.1X-MABEmerson Barros Rivas
 
Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)Shawn Ismail
 
Hyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: ConceptsHyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: ConceptsNick Scuola
 
네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloud네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloudseungdols
 
VMware NSX 101: What, Why & How
VMware NSX 101: What, Why & HowVMware NSX 101: What, Why & How
VMware NSX 101: What, Why & HowAniekan Akpaffiong
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Hub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptxHub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptxAanSulistiyo
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185jtaylor707
 

Mais conteúdo relacionado

Mais procurados

VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentationvirtualsouthwest
 
Reference design for v mware nsx
Reference design for v mware nsxReference design for v mware nsx
Reference design for v mware nsxsolarisyougood
 
Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking Colt Technology Services
 
TechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSTechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSRobb Boyd
 
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxVMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxBradLai3
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptxRazith2
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN Ashutosh Kaushik
 
Benefits Of Building Private Cloud
Benefits Of Building Private CloudBenefits Of Building Private Cloud
Benefits Of Building Private Clouddinobusalachi
 
VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2Vepsun Technologies
 
On Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptxOn Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptxGauravtiwari559291
 
Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)Motty Ben Atia
 
VSAN – Architettura e Design
VSAN – Architettura e DesignVSAN – Architettura e Design
VSAN – Architettura e DesignVMUG IT
 
Avaya Aura System Manager
Avaya Aura System ManagerAvaya Aura System Manager
Avaya Aura System ManagerMotty Ben Atia
 
Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)Shawn Ismail
 
Hyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: ConceptsHyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: ConceptsNick Scuola
 
네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloud네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloudseungdols
 
VMware NSX 101: What, Why & How
VMware NSX 101: What, Why & HowVMware NSX 101: What, Why & How
VMware NSX 101: What, Why & HowAniekan Akpaffiong
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 

Mais procurados (20)

VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentation
 
Reference design for v mware nsx
Reference design for v mware nsxReference design for v mware nsx
Reference design for v mware nsx
 
Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking Colt's evolution from MPLS to Cloud Networking
Colt's evolution from MPLS to Cloud Networking
 
TechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSTechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCS
 
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxVMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptx
 
SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN SD WAN Overview | What is SD WAN | Benefits of SD WAN
SD WAN Overview | What is SD WAN | Benefits of SD WAN
 
Benefits Of Building Private Cloud
Benefits Of Building Private CloudBenefits Of Building Private Cloud
Benefits Of Building Private Cloud
 
VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2VMware Advance Troubleshooting Workshop - Day 2
VMware Advance Troubleshooting Workshop - Day 2
 
On Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptxOn Premise vs Cloud-Updated.pptx
On Premise vs Cloud-Updated.pptx
 
Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)Avaya Aura Application Enablement Services (AES)
Avaya Aura Application Enablement Services (AES)
 
VSAN – Architettura e Design
VSAN – Architettura e DesignVSAN – Architettura e Design
VSAN – Architettura e Design
 
Avaya Aura System Manager
Avaya Aura System ManagerAvaya Aura System Manager
Avaya Aura System Manager
 
ISE-802.1X-MAB
ISE-802.1X-MABISE-802.1X-MAB
ISE-802.1X-MAB
 
Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)Azure Network Security Groups (NSG)
Azure Network Security Groups (NSG)
 
Hyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: ConceptsHyper-Converged Infrastructure: Concepts
Hyper-Converged Infrastructure: Concepts
 
네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloud네트워크 가상화 발표자료-SDN/NFV/Cloud
네트워크 가상화 발표자료-SDN/NFV/Cloud
 
VMware NSX 101: What, Why & How
VMware NSX 101: What, Why & HowVMware NSX 101: What, Why & How
VMware NSX 101: What, Why & How
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip Verloy
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security
 

Semelhante a Microsoft Azure Hub_Spoke_Ampliado.pptx

Hub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptxHub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptxAanSulistiyo
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185jtaylor707
 
Virtual Data Center VDC - Azure Cloud Reference Architecture CRA
Virtual Data Center VDC - Azure Cloud Reference Architecture CRAVirtual Data Center VDC - Azure Cloud Reference Architecture CRA
Virtual Data Center VDC - Azure Cloud Reference Architecture CRAAmmar Hasayen
 
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptx
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptxCloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptx
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptxVipulKumar221864
 
Virtualization and Open Virtualization Format (OVF)
Virtualization and Open Virtualization Format (OVF)Virtualization and Open Virtualization Format (OVF)
Virtualization and Open Virtualization Format (OVF)rajsandhu1989
 
Windows Azure: Is Azure right for you?
Windows Azure: Is Azure right for you?Windows Azure: Is Azure right for you?
Windows Azure: Is Azure right for you?Intergen
 
Moving Enterprise Windows Workloads to AWS – Peter Stanski
Moving Enterprise Windows Workloads to AWS – Peter StanskiMoving Enterprise Windows Workloads to AWS – Peter Stanski
Moving Enterprise Windows Workloads to AWS – Peter StanskiAmazon Web Services
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Louis Göhl
 
Moving Enterprise Windows Workloads to AWS
Moving Enterprise Windows Workloads to AWSMoving Enterprise Windows Workloads to AWS
Moving Enterprise Windows Workloads to AWSAmazon Web Services
 
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...VMworld
 
네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성NAIM Networks, Inc.
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesMarius Zaharia
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureK.Mohamed Faizal
 
DNN Cloud Services - Under the Hood - CloudBurst 2013
DNN Cloud Services - Under the Hood - CloudBurst 2013DNN Cloud Services - Under the Hood - CloudBurst 2013
DNN Cloud Services - Under the Hood - CloudBurst 2013David J. Rodriguez Hernandez
 
VMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and FlexibilityVMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and FlexibilityPaulo Freitas
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networkingwalk2talk srl
 
Azure Network and Infrastructure
Azure Network and InfrastructureAzure Network and Infrastructure
Azure Network and InfrastructurePhi Huynh
 
VMware - vCloud Hybrid Services
VMware - vCloud Hybrid Services VMware - vCloud Hybrid Services
VMware - vCloud Hybrid Services VMUG IT
 

Semelhante a Microsoft Azure Hub_Spoke_Ampliado.pptx (20)

Hub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptxHub_Spoke_v1.0.pptx
Hub_Spoke_v1.0.pptx
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
 
Virtual Data Center VDC - Azure Cloud Reference Architecture CRA
Virtual Data Center VDC - Azure Cloud Reference Architecture CRAVirtual Data Center VDC - Azure Cloud Reference Architecture CRA
Virtual Data Center VDC - Azure Cloud Reference Architecture CRA
 
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptx
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptxCloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptx
Cloud-Reference-Architecture-Virtual-Data-Center-VDC-Azure.pptx
 
Virtualization and Open Virtualization Format (OVF)
Virtualization and Open Virtualization Format (OVF)Virtualization and Open Virtualization Format (OVF)
Virtualization and Open Virtualization Format (OVF)
 
Windows Azure: Is Azure right for you?
Windows Azure: Is Azure right for you?Windows Azure: Is Azure right for you?
Windows Azure: Is Azure right for you?
 
Moving Enterprise Windows Workloads to AWS – Peter Stanski
Moving Enterprise Windows Workloads to AWS – Peter StanskiMoving Enterprise Windows Workloads to AWS – Peter Stanski
Moving Enterprise Windows Workloads to AWS – Peter Stanski
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]
 
NSX, un salt natural cap a SDN
NSX, un salt natural cap a SDNNSX, un salt natural cap a SDN
NSX, un salt natural cap a SDN
 
Moving Enterprise Windows Workloads to AWS
Moving Enterprise Windows Workloads to AWSMoving Enterprise Windows Workloads to AWS
Moving Enterprise Windows Workloads to AWS
 
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...
VMworld 2013: vCloud Hybrid Service Jump Start Part One of Five: vCloud Hybri...
 
네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성네트워크 가상화 보안현황 및 보안연관성
네트워크 가상화 보안현황 및 보안연관성
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet Topologies
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
Connect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft AzureConnect your datacenter to Microsoft Azure
Connect your datacenter to Microsoft Azure
 
DNN Cloud Services - Under the Hood - CloudBurst 2013
DNN Cloud Services - Under the Hood - CloudBurst 2013DNN Cloud Services - Under the Hood - CloudBurst 2013
DNN Cloud Services - Under the Hood - CloudBurst 2013
 
VMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and FlexibilityVMWARE Professionals - Security, Multitenancy and Flexibility
VMWARE Professionals - Security, Multitenancy and Flexibility
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
 
Azure Network and Infrastructure
Azure Network and InfrastructureAzure Network and Infrastructure
Azure Network and Infrastructure
 
VMware - vCloud Hybrid Services
VMware - vCloud Hybrid Services VMware - vCloud Hybrid Services
VMware - vCloud Hybrid Services
 

Mais de Alejandro Daricz

CZ Zero Trust recortada hasta la 20.pptx
CZ Zero Trust recortada hasta la 20.pptxCZ Zero Trust recortada hasta la 20.pptx
CZ Zero Trust recortada hasta la 20.pptxAlejandro Daricz
 
SOAR-A Love Story - Ethan Packard.pptx
SOAR-A Love Story - Ethan Packard.pptxSOAR-A Love Story - Ethan Packard.pptx
SOAR-A Love Story - Ethan Packard.pptxAlejandro Daricz
 
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsx
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsxFortinet Mikulov 2020 -Jen chránit síť nestačí.ppsx
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsxAlejandro Daricz
 
Fortify-overview-300-v2.pptx
Fortify-overview-300-v2.pptxFortify-overview-300-v2.pptx
Fortify-overview-300-v2.pptxAlejandro Daricz
 
Red Hat Ansible Client presentation Level 2.PPTX
Red Hat Ansible Client presentation Level 2.PPTXRed Hat Ansible Client presentation Level 2.PPTX
Red Hat Ansible Client presentation Level 2.PPTXAlejandro Daricz
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxAlejandro Daricz
 
meraki-mx-sizing-principles-english.pdf
meraki-mx-sizing-principles-english.pdfmeraki-mx-sizing-principles-english.pdf
meraki-mx-sizing-principles-english.pdfAlejandro Daricz
 
Imperva-presentacion-GMS.pdf
Imperva-presentacion-GMS.pdfImperva-presentacion-GMS.pdf
Imperva-presentacion-GMS.pdfAlejandro Daricz
 
comptia-secplussy0601-1-15-threat_intelligence_osint.pptx
comptia-secplussy0601-1-15-threat_intelligence_osint.pptxcomptia-secplussy0601-1-15-threat_intelligence_osint.pptx
comptia-secplussy0601-1-15-threat_intelligence_osint.pptxAlejandro Daricz
 
Esg lab-validation-check-point-cloud guard-mar-2018
Esg lab-validation-check-point-cloud guard-mar-2018Esg lab-validation-check-point-cloud guard-mar-2018
Esg lab-validation-check-point-cloud guard-mar-2018Alejandro Daricz
 
Citrix cloud services_total_economic_benefits_assessment_guide
Citrix cloud services_total_economic_benefits_assessment_guideCitrix cloud services_total_economic_benefits_assessment_guide
Citrix cloud services_total_economic_benefits_assessment_guideAlejandro Daricz
 

Mais de Alejandro Daricz (14)

CZ Zero Trust recortada hasta la 20.pptx
CZ Zero Trust recortada hasta la 20.pptxCZ Zero Trust recortada hasta la 20.pptx
CZ Zero Trust recortada hasta la 20.pptx
 
SOAR-A Love Story - Ethan Packard.pptx
SOAR-A Love Story - Ethan Packard.pptxSOAR-A Love Story - Ethan Packard.pptx
SOAR-A Love Story - Ethan Packard.pptx
 
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsx
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsxFortinet Mikulov 2020 -Jen chránit síť nestačí.ppsx
Fortinet Mikulov 2020 -Jen chránit síť nestačí.ppsx
 
Fortify-overview-300-v2.pptx
Fortify-overview-300-v2.pptxFortify-overview-300-v2.pptx
Fortify-overview-300-v2.pptx
 
Daniel_CISSP_Dom7__1_.pdf
Daniel_CISSP_Dom7__1_.pdfDaniel_CISSP_Dom7__1_.pdf
Daniel_CISSP_Dom7__1_.pdf
 
Red Hat Ansible Client presentation Level 2.PPTX
Red Hat Ansible Client presentation Level 2.PPTXRed Hat Ansible Client presentation Level 2.PPTX
Red Hat Ansible Client presentation Level 2.PPTX
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
 
OT Solution Overview.pptx
OT Solution Overview.pptxOT Solution Overview.pptx
OT Solution Overview.pptx
 
meraki-mx-sizing-principles-english.pdf
meraki-mx-sizing-principles-english.pdfmeraki-mx-sizing-principles-english.pdf
meraki-mx-sizing-principles-english.pdf
 
Imperva-presentacion-GMS.pdf
Imperva-presentacion-GMS.pdfImperva-presentacion-GMS.pdf
Imperva-presentacion-GMS.pdf
 
Liderazgo Ágil
Liderazgo ÁgilLiderazgo Ágil
Liderazgo Ágil
 
comptia-secplussy0601-1-15-threat_intelligence_osint.pptx
comptia-secplussy0601-1-15-threat_intelligence_osint.pptxcomptia-secplussy0601-1-15-threat_intelligence_osint.pptx
comptia-secplussy0601-1-15-threat_intelligence_osint.pptx
 
Esg lab-validation-check-point-cloud guard-mar-2018
Esg lab-validation-check-point-cloud guard-mar-2018Esg lab-validation-check-point-cloud guard-mar-2018
Esg lab-validation-check-point-cloud guard-mar-2018
 
Citrix cloud services_total_economic_benefits_assessment_guide
Citrix cloud services_total_economic_benefits_assessment_guideCitrix cloud services_total_economic_benefits_assessment_guide
Citrix cloud services_total_economic_benefits_assessment_guide
 

Último

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Último (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

Microsoft Azure Hub_Spoke_Ampliado.pptx

  • 1. Azure Landing Zone (Azure Firewall/WAF) Azure Firewall: On-premises network Gateway subnet UDR Management subnet Hub VNet Web tier Business tier Data tier App Services Managed Database Jumpbox VNet Peering (Bidirectional) VNet Peering (Bidirectional) VNet (Spoke 1) VNet (Spoke 2) 1
  • 2. Azure Landing Zone (NVA) On-premises network Gateway subnet UDR Management subnet Hub VNet Web tier Business tier Data tier VNet (Spoke 2) App Services Managed Database VNet Peering (Bidirectional) Jumpbox Availability set Public DMZ in Public DMZ out Availability set Private DMZ in Private DMZ out VNet Peering (Bidirectional) VNet (Spoke 1) https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/secure-vnet-dmz 2 NVA NVA NVA NVA
  • 3. Hub and Spoke Topology Benefits Drawbacks Hub & Spoke  Easier to manage shared services  Lower licensing costs  Improved segregation  Easy to scale  Single point of failure  Overhead of managing UDRs Simplified  No single point of failure  Duplication of shared services (Firewall, SIEM)  Higher licensing costs  Challenging to scale VPN Client On-premises Network HQ On-premises Network Site 2 Hub VNet Hub Subnets P2S VPN Tunnel S2S VPN Tunnel Gateway Subnet Spoke 2 VNet Spoke 1 Subnets Spoke 2 VNet Spoke 2 Subnets Spoke 3 VNet Spoke 3 Subnets Spoke 4 VNet Spoke 4 Subnets HTTP/ HTTPS 3
  • 4.
  • 5. Azure Network Architecture: Deployment to Primary Azure Region On-premises Network HQ Internet VNet Peering (Bidirectional) Prod Subscription Prod Resource Group(s)* Prod VNet (Spoke 3) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Prod Management Group Gateway Subnet Hub VNet Firewall Subnet SIEM Subnet WAF Subnet Management Subnet 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/yy Hub Resource Group(s)* Hub Subscription Hub Management Group VNet Peering (Bidirectional) VNet Peering (Bidirectional) Non-Prod Subscription Dev Resource Group(s)* Non-Prod Management Group Dev VNet (Spoke 1) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test VNet (Spoke 2) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test Resource Group(s)* Additional Resource Groups will be used for Azure resources as required for better resource management and security control * P2S VPN Tunnel S2S VPN Tunnel HTTP/HTTPS VPN Client On-premises Network Site 2 S2S VPN Tunnel 5
  • 6. Azure Network Architecture: with animation VNet Peering (Bidirectional) Prod Subscription Prod Resource Group(s)* Prod VNet (Spoke 3) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Prod Management Group Non-Prod Subscription Dev Resource Group(s)* Non-Prod Management Group Dev VNet (Spoke 1) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Test VNet (Spoke 2) 10.xx.xx.xx/yy 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz Gateway Subnet Hub VNet Firewall Subnet SIEM Subnet WAF Subnet Management Subnet 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/zz 10.xx.xx.xx/yy Hub Resource Group(s)* Hub Subscription Hub Management Group Test Resource Group(s)* VNet Peering (Bidirectional) VNet Peering (Bidirectional) Additional Resource Groups will be used for Azure resources as required for better resource management and security control * On-premises Network HQ Internet P2S VPN Tunnel S2S VPN Tunnel HTTP/HTTPS VPN Client On-premises Network Site 2 S2S VPN Tunnel 6