IT security is critically important, and even more so in a software-defined data center. In this course, Creating a DMZ in Azure, you will learn to create a basic DMZ in Azure using standard functionality to ensure publicly-exposed IT systems are secure. First, you will learn what a DMZ is and how important it is to overall security. Next, you will define the environment you want to create and implement a basic network into that environment. Finally, you will secure your environment using Network Security Groups. By the end of this course, you will have the knowledge and tools necessary to create a DMZ that can protect your environment.
Course Overview Hello, my name is Gavin, and welcome to my course on Creating a DMZ in Microsoft Azure. IT security is critically important, and even more so in the software defined data centers of today. Just because Azure is managed by Microsoft, it doesn't mean that you're off the hook and not responsible for security. As soon as you click that New button, you are responsible for the integrity and security of your systems. So if you plan on to expose services to the internet and Azure, you need to think about perimeter security. DMZ's are a critical part of securing any publicly exposed IT system. This course explains everything you need to know about creating a DMZ in Azure. Some of the topics we will cover include defense in depth from a network security perspective, network address spaces and how they're related to Azure network design. We also cover network security groups and why they're essential for every network in Azure. We'll walk through the creation of a DMZ using those network security groups. We'll also go through the scripting options for creating the DMZ in those network security groups. And finally, we'll finish up with some troubleshooting hints and tips. By the end of the course, you'll understand the core requirements for security in a network inside Azure. So thank you for listening. I hope you'll enjoy this short Pluralsight course as we work through the creation of a DMZ in Azure.
Creating the Basic Network for Your Environment Welcome to Pluralsight, and this is Gavin, and welcome to the section where we start to build out our basic network. So let's get building. Very quickly, in this section, the first thing we're going to do is we're going to build our basic network and DMZ, and we're going to use the Azure portal and the user interface. And then we'll move on to building that network using PowerShell and also the Azure Command-Line Interface. The learning goals for this module are pretty straightforward. I just want to show you the basics. Let's build that network, build that DMZ, make sure we've got the subnet masks and the subnet set up correctly. I'm going to give you a quick intro into scripting. This isn't a scripting course, but it's important that you understand how you build things from a portal, but also from a scripting perspective. And as ever, let's try and keep this practical. So let's build this thing in the Azure portal, but before we do that, as I've always said, a little bit of planning. What are we going to call this network? What are the settings? What's the address space? By now, these address ranges should start to look familiar. So I want to create a network, and we're going to give it a name of prdNetwork, so production network. I'm going to host it in North Europe, and then I'm going to give it a good broad range of addresses, so I'm going to give it 10. 1. 0. 0/16. And then, of course, we're going to subdivide it into our DMZ/24 and our LAN/24.
Wrapping Up Welcome back to Pluralsight, my name is Gavin, and this is the final section of our course where we're going to wrap everything up. Let's bring everything together, and let's discuss the important bits. So let's touch on the contents of the module very quickly. It's a recap of what network security groups are and why you should always use them, and I mean really always use them. We'll talk about some of the common considerations when you're bringing everything together, we'll talk a little bit about troubleshooting, and then, of course, we'll have that little bit at the end where we just summarize and wrap everything up. As ever, I have some learning goals for this particular module, and the first one is for you to make network security groups an almost reflex action when you're starting to build out your Azure network environments. Let's also talk briefly about how you would apply this to real world scenarios. And I guess the reality is all scenarios are real world. Always use network security groups. And then finally, just a few things to think about in the future.