You can optimize your secure access service edge (SASE) with Azure. This section explains how.
What Is Secure Access Service Edge With Azure?
Secure access service edge with Azure lets you create a custom VPN solution on Azure. It is a full-service VPN offering in the cloud where you can:
- build,
- deploy, and
- manage your VPN infrastructure.
When Is It Good To Use a Secure Access Service Edge With Azure?
It is good to use Azure when the following situations are true:
- You want to connect your on-premises network to the Azure platform using a secure site-to-site (S2S) VPN tunnel.
- You prefer not to use the default S2S VPN solution provided by Azure.
- You want to customize the S2S VPN solution in terms of encryption, authentication, and traffic routing.
- You want to build a hybrid network on-premises and in the cloud.
- You want to develop a secure access service for employees working remotely.
- You want to deploy an application gateway and load balancer for your corporate network.
What Are The Advantages Of Using SASE With Azure?
You can gain the following advantages by using a SASE with Azure:
Azure provides a complete set of resources for building and managing your SASE. You do not need to learn new technologies or buy new hardware or software licenses.
You can quickly start using your secure access service edge. It uses site-to-site or point-to-site connectivity and routing.
Your secure access service edge can be deployed into any virtual network and resource group within an Azure subscription. This means you can have multiple sites on different subnets within one subscription.
You can control which users or devices have access to your secure access service edge by using security groups and IP address rules.
Your secure access service edge supports multi-tenancy configurations where clients share common resources, such as:
- IP addresses,
- DNS names,
- network routes,
- security groups,
- load balancers,
- databases, and
- storage accounts.
Network Virtual Appliance (NVA)
A network virtual appliance (NVA) is deployed as part of a secure access service edge with Azure. An NVA helps protect your on-premises data from being seen by unauthorized users, including when that data leaves your premises through a point-to-site connection.
The NVA also helps keep traffic from unauthorized users from entering your on-premises network through either point-to-site or site-to-site connections.
The NVA also protects traffic from being sent outside of your on-premises network through either point-to-site or site-to-site connections.
All traffic between your on-premises network and your virtual networks on Azure is encrypted. This means that only you and your end users can see the encrypted traffic.
Only you and your end users can decrypt the traffic. This means that no one monitoring the network or intercepting the traffic can see its content.
You can configure a SASE with Azure to support the following applications:
- Cloud applications, and
- applications hosted on a virtual network in Azure or in a hybrid network configuration.
You can access your SASE with Azure through any of the following protocols:
- HTTP,
- Secure HTTP (HTTPS),
- TCP ports 443, 80, and 17014,
- UDP ports 500 and 4500,
- GRE tunnels,
- SSTP ports 443 and 1723, and
- IPsec tunnels.
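The security groups and IP address rules mentioned earlier can be checked against this protocol list mechanically. The following is an added example, not code from the original page or from Microsoft: it audits inbound network security group rules and reports any TCP or UDP port opened beyond the ones listed above, plus any rule with an unrestricted source. It assumes rules in the JSON shape printed by `az network nsg rule list`; the sample rules are constructed, and GRE and IPsec carry no port numbers, so they are not checked.

```python
# Added example. Rule fields follow the JSON printed by `az network nsg rule list`.
# Ports named on this page, grouped by transport protocol.
DOCUMENTED = {"tcp": {80, 443, 1723, 17014}, "udp": {500, 4500}}
ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}

def expand_ports(rule):
    """Return the rule's destination ports as a list of (low, high) ranges."""
    specs = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        specs.append(rule["destinationPortRange"])
    ranges = []
    for spec in specs:
        if spec == "*":
            ranges.append((0, 65535))
        else:
            low, _, high = spec.partition("-")
            ranges.append((int(low), int(high or low)))
    return ranges

def audit(rules):
    """Return (rule name, finding) pairs for inbound Allow rules."""
    findings = []
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if rule["direction"] != "Inbound" or rule["access"] != "Allow":
            continue
        proto = rule["protocol"].lower()
        # "*" covers both transports; ICMP, ESP and AH carry no ports to compare.
        protos = ["tcp", "udp"] if proto == "*" else [p for p in (proto,) if p in DOCUMENTED]
        for p in protos:
            for low, high in expand_ports(rule):
                extra = (high - low + 1) - sum(low <= port <= high for port in DOCUMENTED[p])
                if extra:
                    findings.append((rule["name"], f"{p} {low}-{high}: {extra} port(s) outside the documented list"))
        if (rule.get("sourceAddressPrefix") or "").lower() in ANY_SOURCE:
            findings.append((rule["name"], "source is unrestricted"))
    return findings

# Constructed sample rules, not taken from a real deployment.
SAMPLE_RULES = [
    {"name": "allow-https", "priority": 100, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "203.0.113.0/24", "destinationPortRange": "443"},
    {"name": "allow-ike", "priority": 110, "direction": "Inbound", "access": "Allow", "protocol": "Udp", "sourceAddressPrefix": "*", "destinationPortRanges": ["500", "4500"]},
    {"name": "allow-mgmt", "priority": 120, "direction": "Inbound", "access": "Allow", "protocol": "Tcp", "sourceAddressPrefix": "198.51.100.7", "destinationPortRange": "3389"},
    {"name": "allow-wide", "priority": 130, "direction": "Inbound", "access": "Allow", "protocol": "*", "sourceAddressPrefix": "Internet", "destinationPortRange": "8000-8100"},
    {"name": "deny-all", "priority": 4096, "direction": "Inbound", "access": "Deny", "protocol": "*", "sourceAddressPrefix": "*", "destinationPortRange": "*"},
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_RULES):
        print(f"{name}: {finding}")
```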