As Azure Virtual Desktops become more popular and mainstream, users are sending in their questions and concerns. Here are the answers to some of the most common Microsoft Azure Virtual Desktop FAQ submissions according to the manufacturer.
What is an Azure Virtual Network (or VNet)?
A VNet is a company network that exists in the cloud. It is a logical isolation of the Azure cloud dedicated to your company subscription. You can use VNets to manage VPNs, and to connect multiple VNets to each other or to onsite IT infrastructure and networks to establish hybrid or cross-premises solutions. Companies can use VNets to create a dedicated, cloud-only private VNet. Services and VMs in the VNet will communicate securely with each other in the cloud.
VNets can be used to securely extend your data center capacity, and connect your corporate VPN gateway to Azure. VNets provide flexibility to support a wide spectrum of hybrid cloud solutions, and can offer secure connections between cloud-based applications and onsite systems.
Virtual networks do not store customer data.
Can my organization employ VNets without cross-site connectivity? Yes, a VNet can be utilized without connecting it to your onsite infrastructure.
Is WAN optimization between VNets and my on-premises data center a possibility? Yes, a WAN optimization network virtual appliance can be deployed from several vendors through the Azure Marketplace.
What protocols can be utilized within VNets? TCP, UDP, and ICMP TCP/IP protocols may be used within VNets. Multicast, broadcast, IP-in-IP encapsulated packets, and Generic Routing Encapsulation (GRE) packets are blocked within VNets.
Can a VNet be modified after creating it? Yes. You can add, remove, and modify the CIDR blocks used by a VNet. What is CIDR? Classless inter-domain routing (CIDR) is a method for allocating IP addresses and IP routing. The IP addresses allow the transmission of unique packets of information to specific computers.
If using services within a VNet, can a user connect to the internet? All services within a VNet can connect outbound to the internet. If connecting inbound to a resource, the resource must have a public IP address. Every Azure Cloud Service has a publicly addressable VIP assigned to it.
Can I connect a VNet to another VNet in Azure? Yes. You can connect one VNet to another VNet using either virtual network peering, an Azure VPN Gateway or DNS name resolution.
Do private IP addresses change for virtual machines (VMs) in a VNet? If the virtual machine was deployed through Resource Manager, private IP addresses can remain the same. If the VM was deployed through the classic deployment model, dynamic IP addresses may change when a VM is started up after being deallocated.
What is VNet peering? VNet peering allows connection between virtual networks. A VNet peering connection enables the organization to route traffic between them privately. Virtual machines in the peered VNets can communicate with each other as if they are within the same network.
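Azure does not allow peering between VNets whose address spaces overlap, and a range that collides with an on-premises network breaks routing over a VPN gateway, so a CIDR block is worth checking before it is added to a VNet. The following Python sketch is an added example, not Microsoft or Alliance IT code; the function name and all address ranges are constructed for illustration.

```python
import ipaddress

# Constructed sample data: the VNet's current blocks and every network it is
# peered with or connected to over a VPN gateway.
SAMPLE_OWN = ["10.0.0.0/16"]
SAMPLE_CONNECTED = {
    "peered VNet (hub)": ["10.1.0.0/16"],
    "on-premises": ["192.168.0.0/20", "10.2.0.0/15"],
}

def check_new_block(proposed, own_blocks, connected):
    """Return a list of problems with adding `proposed` to a VNet ([] = safe)."""
    try:
        # strict=True rejects blocks with host bits set, e.g. 10.0.1.5/16
        new = ipaddress.ip_network(proposed, strict=True)
    except ValueError as exc:
        return [f"invalid CIDR block {proposed!r}: {exc}"]

    problems = []
    networks = {"this VNet": own_blocks, **connected}
    for owner, blocks in networks.items():
        for block in blocks:
            existing = ipaddress.ip_network(block)
            # Only compare like with like (IPv4 vs IPv4, IPv6 vs IPv6)
            if new.version == existing.version and new.overlaps(existing):
                problems.append(f"{new} overlaps {existing} ({owner})")
    return problems

if __name__ == "__main__":
    for candidate in ["10.4.0.0/16", "10.3.0.0/24", "10.0.1.5/16", "10.0.0.0/8"]:
        issues = check_new_block(candidate, SAMPLE_OWN, SAMPLE_CONNECTED)
        print(candidate, "->", issues or "OK")
```
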
Can a VM in a VNet connect to the internet? Yes. All VMs and Cloud Services deployed within a VNet can connect to the Internet.
Can I implement a firewall between VNet-connected resources? Yes. You can deploy a firewall network virtual appliance from several vendors through the Azure Marketplace.
What is the security model for VNets? VNets are isolated from one another and from other services hosted in the Azure infrastructure.
We understand that the above questions only scratch the surface of what you may want to know about implementing VNets at your organization. For more information, check out the Microsoft Azure Virtual Desktop FAQ at the manufacturer site, or call the IT experts at Alliance IT in Sarasota.