Azure Network Security Groups | Traffic Filtering Across Azure Subscriptions and Virtual Networks

Azure Network Security Groups


Question

Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?

Answers

Explanations


A. B. C. D.

A

You can restrict traffic to multiple virtual networks in multiple subscriptions with a single Azure Firewall.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

You can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Azure Firewall uses a static public IP address for your virtual network resources, allowing outside firewalls to identify traffic originating from your virtual network.

https://docs.microsoft.com/en-us/azure/firewall/overview

The correct answer to the question is A. Azure Firewall.

Azure Firewall is a fully managed, cloud-based network security service that provides network traffic filtering across multiple Azure subscriptions and virtual networks. It provides inbound and outbound traffic filtering with stateful inspection, high availability, and unlimited scalability. Azure Firewall is a central security service that provides protection against network-based threats such as DDoS attacks, SQL injection, and cross-site scripting (XSS) attacks.

An Application Security Group (ASG) is a logical group of resources in Azure that can be used to configure network security rules. An ASG can contain multiple virtual machines, virtual machine scale sets, or other ASGs, and can be used to define network security rules that apply to all resources in the group.

Azure DDoS Protection is a service that provides advanced protection against DDoS attacks. It is designed to protect Azure resources from the impact of DDoS attacks by automatically detecting and mitigating them in real time.

A Network Security Group (NSG) is a set of rules that control inbound and outbound traffic to a virtual machine in Azure. An NSG can be used to create security rules that allow or deny traffic based on source IP address, destination IP address, protocol, and port.

While NSG and ASG provide network security at the virtual machine level, Azure Firewall provides network security at the network level, making it a better option for filtering network traffic across multiple Azure subscriptions and virtual networks.