Name: Azure Load Balancing Services & Firewall. Step-by-Step guide
Rating: 4.1 (289 reviews)

Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Created byHussein Awad | Azure | Ex-Amazon

Last updated 4/2025

English

What you'll learn

Explain the difference between Azure Load Balancing services and the right use case for each of them
Hands-on experience on all Azure Load Balancing services
Implement and configure all Azure Load Balancing services
Best practices for Azure Load Balancing services

Course content

6 sections • 170 lectures • 16h 53m total length

Introduction1:24

What is Azure Firewall?5:05
Azure firewall, a cloud-native security service, protects north-south and east-west traffic with filtering and real-time threat intelligence, and it covers basic, standard, and premium SKUs with budget alerts.
Control outbound traffic through Azure Firewall13:54
Inbound traffic routing through Azure Firewall12:15
Deploy & Configure Azure Firewall18:29
Deploy Azure Firewall in hybrid network44:37
Deploy Azure Firewall in a hybrid network that links on prem data centers to Azure workloads via a hub and spoke VNet, using VNet peering, gateways, and route rules.
Filter inbound traffic with DNAT13:27
Configure an Azure firewall in a vnet and use a destination network address translation rule to filter inbound traffic, enabling rdp to a private vm.
Deploy Azure Firewall with DDoS protection11:45
Set up azure firewall with ddos protection in a two-subnet vnet, configure a firewall policy with application and nat rules, and test rdp and web access.
Integrate Azure Firewall with NAT Gateway20:33
Learn to integrate Azure Firewall with NAT gateway to provide outbound internet access for private subnets, using VNet hub and spoke, route tables, and firewall policies.
Deploy Azure Firewall with TLS inspection12:28
Deploy Azure Firewall with SFTP protection7:41
Integrate Azure Firewall with Load Balancer19:43
Deploy Azure Firewall to protect SQL endpoint13:28
Deploy Azure Firewall to protect AKS cluster17:11
Backup Azure Firewall using Logic App11:38
Learn to back up Azure Firewall and firewall policy using Logic Apps, deploying a template to a storage blob, configuring API connections and permissions.
Public IP address & scaling SNAT ports5:40
Explore public IP configuration for Azure Firewall and compare NAT gateway scaling to maximize SNAT ports, including how multiple public IPs boost outbound capacity.
Firewall Manager3:29
Firewall Metrics & Diagnostic settings5:06
Firewall Policy rule sets11:31
Firewall Policy Analytics5:53
Firewall Policy Web Categories12:11
DNS Settings6:54
Threat Intelligence4:32
Rule processing logic11:12
Azure Firewall - SKUs2:38
FQDN & Service Tags3:20
Explore how FQDN tags and service tags simplify Azure Firewall policy rules, enabling Windows updates across Azure and on-premises environments while Microsoft manages the tags.

Introduction3:53
What is Azure Application Gateway?5:40
How Azure Application Gateway works?4:20
Explore how the Azure application gateway listens for requests, routes to backend pools with routing rules, uses http or https, and leverages a web application firewall.
Important Note!2:17
=== Application Gateway Routing ===0:56
Create an Azure Application Gateway11:02
Host Multiple Sites11:41
URL Routing / Path-based Routing9:46
Redirection13:01
Internal Load Balancer (ILB)9:22
Rewriting Sets4:54
Auto Scaling & Zone Redundancy6:00
=== Application Gateway Security ===0:47
SSL Termination10:55
Learn how ssl termination at the application gateway decrypts https traffic, forwards unencrypted http to backend targets, and improves performance, resource utilization, visibility, and certificate management.
End-to-End SSL Encryption4:01
Learn how to enable end-to-end ssl encryption through the application gateway by decrypting requests for routing and re-encrypting them to back-end targets with https settings and backend certificates.
Mutual Authentication & SSL Policies3:25
=== AKS ===0:56
Greenfield - Ingress Controller Add-on for AKS4:24
Brownfield - Ingress Controller Add-on for AKS9:19
Deploy a brownfield AKS cluster and an existing application gateway, enable the application gateway ingress controller, and establish VNet peering to connect them, overcoming address space overlaps.
Web Application Firewall (WAF)8:19
=== Monitoring ===0:59
Diagnostic Settings3:42
Metrics12:20
Explore application gateway metrics and insights, including latency, capacity units, connections, throughput, backend health, 500 errors, and how to diagnose performance bottlenecks for Azure load balancing.
Alerts5:33
Log Analytics3:56
Backend Health & Health Probe5:54
=== Advanced ===0:32
Explore advanced topics for the application gateway, configuring it to handle high traffic while using cookie affinity and connection draining, and compare pricing models and tiers.
High Traffic Support13:48
Pricing3:30
Cookie Affinity2:00
Connection Draining1:22
Learn how connection draining helps the application gateway gracefully remove backend pool targets during planned updates without terminating existing connections. Cookie-based affinity allows traffic to de-registered instances to continue.
Custom Error Pages2:43
Implement custom error pages for application gateways to brand 502 and 403 responses, improving user experience; configure listener-based pages and use Azure PowerShell for global options when needed.
Web Sockets1:25
enable websocket communication through the application gateway by upgrading from http to tcp after the handshake, leveraging fast, reliable websocket over http or https with backend support.
Tiers1:42
=== Configuration ===0:37
Infrastructure4:11
Frontend IP1:29
Explore frontend ip addresses in the application gateway, including public and private options and static or dynamic public ips, internal load balancing, and private-ip subnet requirements.
Listeners2:16
Routing Rules1:28
HTTP Settings1:04
Backend Pools2:26

Introduction3:46
What is Azure Front Door?6:55
Important Note!1:08
=== Front Door Core ===0:50
Explore the core features of Azure Front Door, including creating the front door, configuring a custom domain and security, implementing traffic redirects, managing backend pools, and purging edge caches.
Create An Azure Front Door6:17
Adding Custom Domains4:04
Setting up HTTPs on Custom Domains8:24
Enable https for a custom domain on Azure Front Door, choose the minimum TALF version, and decide between Front Door managed certificates or your own certificates in key vaults.
Root / Apex Domains5:43
HTTP to HTTPS Redirection3:41
URL Redirection2:13
Backends & Backend Pools8:25
Rules Engine & Security Headers3:55
Web Application Firewall (WAF)4:10
Caching4:09
=== Rules Engine ===0:31
Rules Engine Architecture5:32
Rules Engine Conditions & Actions6:36
=== Routing ===0:44
Routing Architecture5:29
Explore the routing architecture of Azure front door, from edge locations and host header matching to TLS handshakes, custom domain handling, web application firewall evaluation, caching, and backend pool selection.
Routing Rules Matching11:33
Routing Methods10:34
=== Azure Front Door Standard / Premium Tiers ===0:38
Create an Azure Front Door Standard/Premium13:20
Feature Comparisons1:30
Compare Azure Front Door standard and premium features, including private origin, custom rules, bot protection, and security reports, to choose the right tier for your needs.
Pricing2:44
=== Web Application Firewall (WAF) ===0:47
How WAF Works4:57
Create WAF Policy & Log Analytics3:24
WAF Managed Rules5:08
WAF Custom Rules3:54
WAF Settings2:56
=== Monitoring ===0:56
Metrics3:12
Explore front door metrics, including backend health percentage, backend request codes, latency, and billable response sizes, to understand where latency comes from and how requests are handled.
Alerts1:26
Create alert rules for edge and front door resources using metrics or logs, set threshold for backend health, and route notifications through action groups to monitor traffic and security.
Log Analytics Workspace1:47
Health Probe1:15
Clean Up!0:44

Introduction3:21
What is Azure Load Balancer?4:57
Create a public Load Balancer8:56
Create a public load balancer, configure a virtual network and two VMs, set up backend pools, health probes, and HTTP rules, and test with IIS.
Create an Internal Load Balancer10:54
Important Note!1:27
Engage in a hands-on Azure load balancing and firewall setup, creating and configuring services while monitoring costs, and learn quick cleanup to avoid ongoing monthly bills.
=== Load Balancer Core ===0:47
Create a multiple VMs inbound NAT rule11:00
Load balance VMs within a specific availability zone7:48
Load balance VMs with multiple availability sets6:22
Create a cross-region Load Balancer4:35
Create a Gateway Load Balancer3:07
Integrate NAT gateway with a Load Balancer2:09
Using DDoS protection for Load Balancer1:43
=== Load Balancer Components ===0:35
Basics & SKUs3:01
Explore basic load balancer configuration in Azure, including resource group, region, and SKU, while comparing basic and standard tiers and public versus internal options for production workloads.
Frontend IP Configuration4:03
Backend Pools2:21
Inbound rules - Load Balancing rules4:20
Create an Azure load balancer with a front end IP, public IP, and backend pool, then define an inbound load balancing rule using TCP or UDP with a health probe.
Inbound rules - Inbound NAT rules3:24
Outbound rules3:19
Zone Redundancy5:41
Explore zone redundancy to serve traffic through a single front end IP across zones. Compare zonal deployment and no-zone options, and learn how traffic manager directs to healthy zones.
Cross-region Load Balancer4:51
Gateway Load Balancer1:30
=== Inbound connectivity ===0:31
Inbound NAT rules4:53
High Availability ports2:30
Learn how to enable high availability ports on Azure internal load balancers, enabling load balancing across all ports for every flow based on source and destination IPs, ports, and protocol.
Multiple Frontends & Floating IPs8:21
TCP reset2:08
=== Outbound connectivity ===0:33
Outbound connections10:24
Outbound-only Load Balancer egress only10:27
Implement outbound-only connectivity using an internal and a public load balancer, with a front-end IP and outbound rule; note NAT gateway is recommended to avoid port exhaustion.
=== Monitoring ===0:40
Insights2:41
Diagnostic Settings1:52
Metrics1:06
Explore Azure load balancer metrics, including net port status, internet port counts, connection counts, health probe status, and aggregations such as count, sum, average, min, and max.
Alerts3:16
Configure Azure load balancer alerts by linking them to metrics, setting a static threshold such as 65,000 net connections, evaluating every minute over 30 minutes, and notifying an action group.
Log Analytics0:52

Introduction3:55
What is Azure Traffic Manager?9:21
Create a Traffic Manager profile10:03
Create and configure a traffic manager profile using priority routing to deliver high availability by directing traffic to Sydney first and failing over to US via endpoints.
Important Note!1:47
Engage in this hands-on Azure course to create VMs, App Service, and Traffic Manager, learn load balancing services and firewall concepts, and practice clean up to minimize costs.
=== Traffic Manager Routing ===0:40
Priority Routing11:42
Weighted Routing19:25
Explore weighted routing in Azure traffic manager, distributing traffic across region endpoints by configured weights, with Sydney and US IIS servers as a practical example and notes on DNS caching.
Performance Routing23:11
Geographic Routing23:23
Subnet Routing5:42
Explore subnet routing in an Azure traffic manager profile by assigning a cidr range to direct traffic. See how traffic from the specified cidr reaches a chosen endpoint.
Multi-value Routing2:42
=== Traffic Manager Configurations ===0:45
Alias Records10:28
Endpoint Types17:53
Endpoint Monitoring23:18
Explore endpoint monitoring in Azure traffic manager: configure a traffic manager profile with priority routing, define http/https/tcp probes, custom headers, status code ranges, and probing intervals to assess endpoint health.
Real User Measurements2:56
Traffic View2:14
Enable traffic view in the traffic manager profile to visualize traffic origin and endpoints on a world map, with a table of local DNS resolver IP, region, volume, and latency.
=== Traffic Manager - Advanced ===0:47
Traffic Manager nested profiles17:45
Explore nested traffic manager profiles, including parent and child configurations, nested endpoints, and routing strategies like performance and weighted routing, with health monitoring and IPv4/IPv6 considerations.
Combine Load Balancing Services13:29
Disaster recovery using Traffic Manager3:03
Learn how disaster recovery with Azure Traffic Manager enables automatic failover between primary and backup sites using priority routing and health checks.
Blue-Green Deployment using Traffic Manager1:37
=== Monitoring ===0:29
Diagnostic Settings1:39
Configure diagnostic settings for a traffic manager profile by creating a new diagnostic settings entry and directing all logs and metrics to a log analytics workspace, then save changes.
Metrics2:16
Explore traffic manager metrics, including endpoint status by endpoints and queries by endpoint results, with filters and alerts to monitor and optimize your Azure load balancing setup.
Alerts2:05
Log Analytics1:43
Verify Traffic Manager settings0:38
Verify traffic manager settings using Windows tools like nslookup and ipconfig, and test failover, weighted routing, and performance routing for your traffic manager profile.
Performance Measurements0:27
Explore performance considerations for your traffic manager profile and tools to measure DNS performance of your traffic manager. A link to a helpful document is provided in the description.

Requirements

Basic Azure Skills

Description

Introduction to Azure Load Balancing Services and Firewalls

As businesses move critical applications to the cloud, the ability to deliver high availability, reliability, scalability, and airtight security becomes essential. Microsoft Azure provides a rich set of networking services designed to keep your applications robust and protected, regardless of user location or demand.

Why Load Balancing and Firewalls Matter

Cloud applications must serve users across diverse regions, maintain high performance during spikes in traffic, and defend against both external and internal threats. Load balancing is crucial for evenly distributing user requests and workloads, improving fault tolerance, and preventing service outages. Meanwhile, proper firewall configuration is key to establishing a secure boundary for your infrastructure, managing traffic flows, and mitigating unauthorized access or attacks.

What This Course Covers

In this course, you’ll gain a practical and in-depth understanding of how Azure’s built-in networking solutions provide the backbone for scalable and secure cloud deployments. Key topics include:

Azure Load Balancer: Learn how to distribute traffic efficiently at the network layer to ensure high availability for your virtual machines and containers.
Azure Application Gateway: See how this application delivery controller provides advanced layer 7 (HTTP/HTTPS) routing, SSL termination, and application firewall capabilities for protection against web-based threats.
Azure Traffic Manager: Understand DNS-based load balancing for global user distribution and seamless failover across multiple Azure regions.
Azure Front Door: Discover how this global, scalable entry point delivers high-performance, secure web applications with intelligent traffic routing, SSL offloading, and integrated Web Application Firewall.
Azure Firewall: Explore the centralized, cloud-native network security service that enables you to create and enforce application and network connectivity policies across your resources.
Network Security Groups (NSGs): Grasp how NSGs filter and control traffic at the subnet and NIC levels for fine-grained access management within your virtual networks.
Security Best Practices: Review strategies for designing secure, compliant network architectures, including segmentation, zero trust, and defense-in-depth approaches.
Integration and Monitoring: Discover how to integrate load balancing and firewall services with Azure Monitor, diagnostics, and alerting tools to proactively detect and respond to threats or performance issues.

Who Should Take This Course?

This course is ideal for IT professionals, cloud architects, security engineers, and anyone responsible for designing or managing cloud-based applications in Azure. Whether you are new to cloud networking or looking to deepen your expertise, the course balances essential concepts with actionable, hands-on guidance.

Outcomes and Benefits

By the end of this course, you will know how to:
Evaluate and select the appropriate Azure load balancing solution for specific scenarios.
Architect resilient, highly available, and scalable applications.
Deploy and configure Azure firewalls and security tools to safeguard your resources.

With this knowledge, you will be able to confidently design, deploy, and manage secure, high-performing cloud applications that meet the demanding requirements of modern business.

Who this course is for:

Cloud Engineers
Cloud Architects
Software Engineers
Developers
Network Engineers
Network Architects
Security Engineers
Security Architects

What you'll learn

Explore related topics

Course content

Introduction1 lecture • 1min

Azure Firewall25 lectures • 4hr 55min

Azure Application Gateway41 lectures • 3hr 18min

Azure Front Door37 lectures • 2hr 33min

Azure Load Balancer37 lectures • 2hr 30min

Azure Traffic Manager29 lectures • 3hr 35min

Requirements

Description

Who this course is for: