Introduction
This module equips administrators to secure public access, ensuring application and service confidentiality, integrity, and availability
Scenario
Imagine you are an Azure security specialist responsible for managing the security of Azure resources that are publicly accessible. Your organization relies on Azure services to deliver web applications and APIs to customers and partners, and you need to ensure that these resources are protected against threats while maintaining high performance.
Learning objectives
By the end of this module, participants will be able to:
- Plan and implement security strategies for public access to Azure resources, protecting against unauthorized access and data breaches.
- Configure and manage Transport Layer Security (TLS) to secure applications, including Azure App Service and API Management, to encrypt data in transit.
- Design, implement, and manage an Azure Firewall, including Azure Firewall Manager and firewall policies, to protect network traffic and applications.
- Plan and implement an Azure Application Gateway to optimize the delivery, scalability, and security of web applications.
- Deploy and configure an Azure Front Door, including Content Delivery Network (CDN), to enhance the performance and availability of web applications.
- Set up and manage a Web Application Firewall (WAF) to protect web applications from common web-based attacks.
- Make informed recommendations on when to use Azure DDoS Protection Standard to defend against distributed denial-of-service (DDoS) attacks.
Goals
The module aims to equip participants with the knowledge and expertise necessary to design, implement, and manage a comprehensive security strategy for public access to Azure resources. Participants will be able to secure web applications, APIs, and network traffic effectively, ensuring the availability and performance of critical services while protecting against security threats.