Azure VPN Gateway

  • Author: Ronald Fung

  • Creation Date: 2 June 2023

  • Next Modified Date: 2 June 2024

A. Introduction

Azure VPN Gateway is a service that uses a specific type of virtual network gateway to send encrypted traffic between an Azure virtual network and on-premises locations over the public Internet. You can also use VPN Gateway to send encrypted traffic between Azure virtual networks over the Microsoft network. Multiple connections can be created to the same VPN gateway. When you create multiple connections, all VPN tunnels share the available gateway bandwidth.

About VPN gateways

A VPN gateway is a type of virtual network gateway. A virtual network gateway is composed of two or more Azure-managed VMs that are automatically configured and deployed to a specific subnet you create called the GatewaySubnet. The gateway VMs contain routing tables and run specific gateway services.

One of the settings that you specify when creating a virtual network gateway is the “gateway type”. The gateway type determines how the virtual network gateway will be used and the actions that the gateway takes. A virtual network can have two virtual network gateways; one VPN gateway and one ExpressRoute gateway. The gateway type ‘Vpn’ specifies that the type of virtual network gateway created is a VPN gateway. This distinguishes it from an ExpressRoute gateway, which uses a different gateway type. For more information, see Gateway types.

When you create a VPN gateway, gateway VMs are deployed to the gateway subnet and configured with the settings that you specified. This process can take 45 minutes or more to complete, depending on the gateway SKU that you selected. After you create a VPN gateway, you can configure connections. For example, you can create an IPsec/IKE VPN tunnel connection between that VPN gateway and another VPN gateway (VNet-to-VNet), or create a cross-premises IPsec/IKE VPN tunnel connection between the VPN gateway and an on-premises VPN device (Site-to-Site). You can also create a Point-to-Site VPN connection (VPN over OpenVPN, IKEv2, or SSTP), which lets you connect to your virtual network from a remote location, such as from a conference or from home.

B. How is it used at Seagen

As a biopharma research company using Microsoft Azure, you can use Azure VPN Gateway to securely connect your on-premises network or other remote networks to your virtual network in Azure. Here are some ways you can use Azure VPN Gateway:

  1. Connect remote sites: Azure VPN Gateway allows you to connect your remote sites to your virtual network in Azure, enabling you to extend your network to your remote locations and manage your cloud resources more effectively.

  2. Optimize network traffic: Azure VPN Gateway enables you to optimize network traffic between your virtual network and your on-premises network or other remote networks, ensuring high performance and low latency.

  3. Improve security: Azure VPN Gateway provides advanced security features, such as encryption and authentication, that help you to secure your network traffic and protect your cloud resources from cyber threats.

  4. Simplify management: Azure VPN Gateway enables you to simplify network management by centralizing your network policies and configurations, making it easier to manage your virtual network and cloud resources.

  5. Scale your network: Azure VPN Gateway enables you to scale your network by adding more virtual networks and cloud resources to your virtual network, ensuring that your network can grow with your business needs.

  6. Monitor network activity: Azure VPN Gateway provides monitoring and logging features that allow you to track network activity and diagnose issues in real-time, enabling you to quickly identify and resolve network issues.

Overall, Azure VPN Gateway offers a powerful and secure way to connect and manage your virtual network and cloud resources in Microsoft Azure. By leveraging Azure VPN Gateway, you can effectively manage your network traffic, improve security and compliance, and optimize network performance, all while taking advantage of the scalability, flexibility, and cost-efficiency of the Azure platform. This can help you to optimize your biopharma research efforts and make data-driven decisions that support your business goals.

C. Features

Azure VPN Gateway is a service provided by Microsoft Azure that enables customers to securely connect their on-premises network or other remote networks to their virtual network in Azure. Here are the key features of Azure VPN Gateway:

  1. Global connectivity: Azure VPN Gateway provides global connectivity for your virtual network and on-premises network or other remote networks, enabling you to connect and manage your resources across multiple regions and locations.

  2. Advanced security features: Azure VPN Gateway provides advanced security features, such as encryption and authentication, that help you to secure your network traffic and protect your cloud resources from cyber threats.

  3. Network traffic optimization: Azure VPN Gateway enables you to optimize network traffic between your virtual network and your on-premises network or other remote networks, ensuring high performance and low latency.

  4. Centralized network management: Azure VPN Gateway enables you to centralize your network policies and configurations, making it easier to manage your virtual network and cloud resources.

  5. Scalability: Azure VPN Gateway enables you to scale your network by adding more virtual networks and cloud resources to your virtual network, ensuring that your network can grow with your business needs.

  6. Monitoring and diagnostics: Azure VPN Gateway provides monitoring and logging features that allow you to track network activity and diagnose issues in real-time, enabling you to quickly identify and resolve network issues.

  7. High availability: Azure VPN Gateway provides high availability features that ensure your network connection is always available and reliable.

  8. Support for multiple VPN protocols: Azure VPN Gateway supports multiple VPN protocols, including IKEv1, IKEv2, and SSL, giving you flexibility in how you connect to your virtual network.

Overall, Azure VPN Gateway offers a powerful and secure way to connect and manage your virtual network and cloud resources in Microsoft Azure. By leveraging Azure VPN Gateway, you can effectively manage your network traffic, improve security and compliance, and optimize network performance, all while taking advantage of the scalability, flexibility, and cost-efficiency of the Azure platform. This can help you to optimize your biopharma research efforts and make data-driven decisions that support your business goals.

D. Where Implemented

LeanIX

E. How it is tested

Testing Azure VPN Gateway involves verifying that your on-premises network or other remote networks are effectively connected and secured to your virtual network in Azure. Here are some steps you can take to test Azure VPN Gateway:

  1. Verify configuration: Verify that Azure VPN Gateway is properly configured and integrated with your Azure account and virtual network.

  2. Test connectivity: Test Azure VPN Gateway by verifying that your on-premises network or other remote networks are effectively connected to your virtual network in Azure, and that network traffic is properly optimized and secured.

  3. Test security: Test Azure VPN Gateway by verifying that your network traffic and security policies are properly configured and that your virtual network and on-premises network or other remote networks are effectively secured.

  4. Test scalability: Test Azure VPN Gateway by verifying that you can effectively scale your network by adding more virtual networks and cloud resources to your virtual network, ensuring that your network can grow with your business needs.

  5. Test monitoring: Test Azure VPN Gateway by verifying that you can effectively monitor and log network activity and diagnose issues in real-time, enabling you to quickly identify and resolve network issues.

Overall, testing Azure VPN Gateway involves verifying that your on-premises network or other remote networks are effectively connected and secured to your virtual network in Azure. By taking these steps, you can ensure that you are effectively using Azure VPN Gateway to manage and secure your cloud-based applications and services, optimize your biopharma research efforts, and make data-driven decisions that support your business goals.

F. 2023 Roadmap

????

G. 2024 Roadmap

????

H. Known Issues

As with any software or service, there may be known issues or limitations with Azure VPN Gateway that users should be aware of. Here are some of the known issues with Azure VPN Gateway:

  1. Limited throughput: Azure VPN Gateway may have limited throughput, which may impact its ability to effectively serve customers with high network traffic demands.

  2. Complexity: Configuring and managing Azure VPN Gateway can be complex, requiring careful attention to network topology, routing tables, security policies, and other network settings.

  3. Limited flexibility: While Azure VPN Gateway provides flexibility and scalability for changing business needs, customers may still experience some limitations in terms of modifying their network policies or network topology.

  4. Limited customization: Azure VPN Gateway may not support all custom configurations or images, which may impact its ability to support certain workloads or applications.

  5. Cost optimization: Optimizing costs in Azure VPN Gateway can be complex, requiring careful management of network traffic, routing tables, and security policies.

  6. Security and compliance: Azure VPN Gateway provides advanced security and compliance features, but users must ensure that their virtual networks and other cloud resources are properly secured and compliant with relevant regulations and policies.

Overall, while Azure VPN Gateway offers a powerful and secure way to connect and manage your virtual network and cloud resources in Microsoft Azure, users must be aware of these known issues and take steps to mitigate their impact. This may include carefully monitoring throughput, complexity, flexibility, customization, cost optimization, security and compliance, and other factors that impact the performance, availability, and scalability of their cloud-based applications and services. By taking these steps, users can ensure that they are effectively using Azure VPN Gateway to manage and secure their cloud-based applications and services and make data-driven decisions that support their biopharma research efforts.

[x] Reviewed by Enterprise Architecture

[x] Reviewed by Application Development

[x] Reviewed by Data Architecture