So what im going to do is more focus on just the sort of networking security side uh. You know the elements, the the solutions as systems we have running in azure that can help you secure everything from a network security perspective and then also, i would touch on um the threat protection piece which would be you know, microsoft, defender for cloud those elements, but Tomorrow, uh, there is an event which covers uh, microsoft, sentinel or cloud native sims. So if you really want to learn as much as you can about that, one that would be definitely tomorrow today. Well, just you know kind of quickly discuss what it is and etc, but it would be mostly focused on networking, security and threat protection today and then the q, a um, like i always just already mentioned, just please type in the chat and well get to you Towards the end of this presentation, imagine network security. You know basically offers you the full benefits of cloud native services for securing your cloud and hybrid networks. Um and you know basically across infrastructure application delivery, and then we have it basically broken down. We have controls which segment we have intelligent web protection, so some of the services leverage our threat intelligence platform to help you make decisions, whether you should the traffic you know accessing your services is risky or not um, encrypt traffic. You know basically what would be considered north south sort of inbound internet.
You know east west, which is inside uh your network for the most part and then on private access, which are things like service impacts. So if youre, if youre using a storage account in in azure, you know you dont need to expose it to the internet. For example, you would you would use whats called a private endpoint or a private link and basically restrict it. So no one outside can ever even attempt to access the service right and then, if you want to expose that sort of service um to the outside, really we have services which you use, which is either under secure application. Delivery to help you publish those in a secure manner to you know, people on the outside and all these services are cloud native. So you get auto scaling built in high availability um to integrate with devops. So you can, if you, if youre bringing in infrastructure as code, you know you can do it that way, et cetera and sorry, my muscle wheel went to the next slide um, but network security. So if you want to look at sort of like a layered um view right so from the outside in um, you know weve got the front door, which is the sort of regional, well, the global balancing solution. So if you, if you want to run a very high available system and make it you know usable from across the globe, and they have the right services given to the right people and in area courses to them so front door will be.
You know the one that kind of does that. Then we have um distributed denial of service protection that protect you protect you from those. You know large scale, um distributed denial of service attacks that are quite prevalent instead and that leverages our azure global black, backbone, um, etc. And after that you go back to the v net level, which is you know the virtual network, so within azure you would you would basically segment your your networking environment into a number of v nets and we have like a lot of standard. You know deployment practices in that area which i dont need to go into. But then, once you get to the v net level, we have azure firewall, which is our stateful firewall as a service. And then, when you get back to again sort of taking services and exposing them to the internet, but within a more localized area, so only within a single region, youve got application gateway, which also has web application. Firewall features for you know for more for less uh, complex uh, you know installations and then, even though one more one more level and youve got no security group application security groups uh, you know and routine protections that wed have all the way down. So, although, depending on the architecture of the service youre delivering they will, they could potentially all come into play and well show like a very quick example architecture later on. So you know, this is basically taking a zero trust approach.
You know you want to try to step stop attacks before they get too far in so obviously this is defense and depths, but uh, you know you want to. You have multiple theres, basically multiple opportunities here in your in your deployment, to make sure that um, you know, hopefully, if that first one doesnt, you know block your attack, one of the next levels within this you know, layered approach here is going to stop.