Choose a secure network topology

A network topology defines the basic routing and traffic flow architecture for your workload. However, you must consider security with the network topology. To simplify the initial decision to formulate a direction, there are some simple paths that can be used to help define the secure topology. This includes whether the workload is a globally distributed workload or a single region-based workload. You also must consider plans to use third-party network virtual appliances (NVA's) to handle both routing and security.

Azure Virtual WAN is a networking service that brings many networking, security, and routing functionalities together to provide a single operational interface.

Decision tree

The following decision tree helps you to choose a network topology for your security requirements. The decision tree guides you through a set of key decision criteria to reach a recommendation.

Treat this decision tree as a starting point. Every deployment has unique requirements, so use the recommendation as a starting point. Then perform a more detailed evaluation.

Next steps

• Choose a secure application delivery service
• Learn more about Azure network security