- Two core approaches: traditional and Azure Virtual WAN
- The above document has a topology diagram for each model.
Feature | Traditional Azure Network Topology | Azure Virtual WAN Network Topology |
Highlights | Customer-managed routing and security An Azure subscription can create up to 50 vnets across all regions. Vnet Peering links two vnets either in the same region or in different regions and enables you to route traffic between them using private IP addresses (carry a nominal charge). Inbound and outbound traffic is charged at both ends of the peered networks. Network appliances such as VPN Gateway and Application Gateway that are run inside a virtual network are also charged. Azure Virtual Network Pricing | A Microsoft-managed networking service providing optimized and automated branch to branch connectivity through Azure. Virtual WAN allows customers to connect branches to each other and Azure, centralizing their network and security needs with virtual appliances such as firewalls and Azure network and security services. Azure Virtual WAN Pricing |
Deployment | Customized deployment with routing and security managed by the customer Virtual Network documentation – Plan virtual networks – Tutorial: Filter network traffic with a network security group using the Azure portal | Microsoft-managed service Virtual WAN documentation – Tutorial: Create an ExpressRoute association to Virtual WAN – Azure portal – Other tutorials include site-to-site and point-to-site connections |
Interconnectivity | Traffic between two virtual networks across two different Azure regions is expected. Full mesh network across all Azure regions is not required. | Global connectivity between vnets in these Azure regions and multiple on-premises locations. |
IPsec Tunnels | Fewer than 30 IPsec Site-to-Site tunnels are needed. | More than 30 branch sites for native IPsec termination. |
Routing Policy | Full control and granularity for manually configuring your Azure network routing policy. | Not applicable |
Data Collection | Collects data from servers and Kubernetes clusters. | Collects data from servers and Kubernetes clusters. |
Data Storage | Stores data in Log Analytics workspace or customer’s own storage account. | Stores data in Log Analytics workspace or customer’s own storage account. |
Data Analysis and Visualization | Uses Log Analytics for analysis and visualization of collected data. | Uses Azure Monitor for analysis and visualization of collected data. |
Additional Information