Understanding virtual WANs is easy if you understood the reference architecture that you used in the previous section. In the last figure, we used a hub virtual network to connect the ExpressRoute, VPN, and virtual network peering connection. This hub virtual network can be replaced by a virtual WAN; there are features that a virtual WAN can offer rather than a virtual network. A virtual WAN is a network service offered by Microsoft, which you can establish connectivity to and through Azure to your branch offices. In a virtual WAN, Azure regions will act as a hub for connecting your branch offices. The Azure backbone network will be used to connect your branches. Every Azure region can have only one hub and can be peered with only the virtual networks from that region.
You can incorporate different connectivity methods such as S2S VPN, P2S VPN, and ExpressRoute into a centralized interface. Connectivity to Azure virtual networks can be established using virtual network peering. If you look at Figure 4.20, you can see that a virtual WAN is based on the hub-and-spoke architecture we discussed earlier.
The following are some of the features offered by a virtual WAN:
- Integrated connectivity: Connectivity between on-premises sites and the Azure hub and site-to-site configuration can be completely automated.
- Seamless connectivity: Azure workloads deployed to Azure virtual networks can be seamlessly connected to the hub.
- Monitoring: End-to-end flow can be monitored within Azure without the need to deploy any additional resources.
Two types of virtual WANs are offered by Azure: Basic and Standard (refer to Table 4.3).
FIGURE 4.20 Virtual WAN connectivity
TABLE 4.3 Comparing Virtual WAN Types
| Virtual WAN Type | Hub Type | Available Configurations |
| Basic | Basic | S2S VPN only |
| Standard | Standard | ExpressRoute, S2S, P2S, interhub, virtual network-to-virtual network through a hub |
Summary
In this chapter, we mainly discussed intersite connectivity. We categorized intersite as Azure-to-Azure and Azure to on-premises to explain the connectivity methods. In Azure-to-Azure, we discussed two strategies to connect virtual networks to virtual networks. This includes virtual network peering and a VPN gateway virtual network to virtual network connection. The virtual network peering uses the Microsoft backbone network for communication, while the VPN gateway relies on the public Internet, however it’s encrypted.
Later we discussed Azure to on-premises connectivity, which includes S2S connections, P2S connections, and ExpressRoute. You saw the implementation of S2S and P2S connections. Also, you studied concepts related to ExpressRoute.
You also saw how you can implement a hub-and-spoke architecture using the gateway transit feature. We concluded the chapter by discussing a virtual WAN, which can be used for connecting your branch offices to each other using the Azure global network. Now that you are familiar with the intersite connectivity methods, let’s learn about network traffic management in Chapter 5, “Network Traffic Management.”
Leave a Reply