Here are the additional networking considerations for this architecture: The design strategies for mission-critical baseline still apply in this use case. It's recommended that you become familiar with the baseline before proceeding with this article. This architecture adds features to restrict ingress and egress paths using the appropriate cloud-native capabilities, such as Azure Virtual Network(VNet) and private endpoints, Azure Private Link, Azure Private DNS Zone, and others. It builds on the mission-critical baseline architecture, which is focused on maximizing reliability and operational effectiveness without network controls. For example, a Distributed Denial of Service (DDoS) attack, if left unchecked, can cause a resource to become unavailable by overwhelming it with illegitimate traffic. The intent is to stop attack vectors at the networking layer so that the overall reliability of the system isn't impacted. This architecture provides guidance for designing a mission critical workload that has strict network controls in place to prevent unauthorized public access from the internet to any of the workload resources.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |