Let me summarize Azure networking options based on usecase:
- You need network connectivity between resources across different virtual networks in same region, you need to implement VNet peering.
- You need connectivity between resources in virtual networks spanned across different region, you need to implement Global VNet peering.
- You need network connectivity between your Organization (On-Prem) and your azure tenant and you are ok to have the secure channels over the internet, You need to implement site to site VPN gateways.
- You want network connectivity between your offices to azure tenancy with high throughput and not over internet, you need to implement Express Route.
- You need individual users to use services hsoted in your Azure tenant, you will implemnet Point-to-site VPN gateway.
All the above implementations are different on thier configurations and they each cater for each use case in its own capacity.
Here is why you need to choose Virtual WAN if you are already using more than 2 capabilities mentioned above.
- VWAN brings all of the above network connectivity implemntations under one centralized platform.
- VWAN automatically deployes one hub in each choosen region which implements Hub-spoke network design by default.
- Site-to-Site VPN gateways supports max of 10, 30 and 100 tunnels in Basic, Standard and HighPerformance SKUs. VWAN supports upto 1000 branch conncetions per VWAN hub, which can throuhput at 20GBps per hub.
- Though private communication between VNets in both VNet Peering and VWAN are ecrypted over MS backbone network, Adding additional firewall security is way easier in VWAN comapred to VNet peering.
- VWAN has most of the above services deployed across all avilability zones in a given region thus making it more relaible and scalable without any manual intervention.
- Virtual WAN provides many functionalities built into a single pane of glass such as site/site-to-site VPN connectivity, User/P2S connectivity, ExpressRoute connectivity, virtual network connectivity, VPN ExpressRoute Interconnectivity, VNet-to-VNet transitive connectivity, Centralized Routing, Azure Firewall and Firewall Manager security, Monitoring, ExpressRoute Encryption, and many other capabilities. Pick and choose what you want.
More information is available on MS Documentation. All refrence links are provided at the end of the article.
Now the title of artice is no "Why VWAN?" it says "Deploying VWAN using Terrafrom & Azure Devops". So lets jump in to deployment.
