Managed Azure Platform is the Supplier’s service for providing management and support for Azure resources such as Network and Platform components.
Azure Virtual Networks provide the infrastructure for deploying workloads that require an advanced network configuration. Virtual networks provide support for hybrid network connectivity from Azure to customer on-premises network, or to other virtual networks in Azure. Managing an Azure virtual network involves creating, updating, and deleting virtual networks, specifying the address spaces (ranges) to use, and dividing the network into subnets.
In Azure you can use Network SecurityGroup to filter network traffic to and from Azure resources in an Azure virtual network. It contains security rules that allows or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. AzurePlatform Management will provide customer a set of Network Security Group with high security best practices.
To increase even more security on the network, a firewall is needed. The firewall's job is to analyze all incoming and outgoing network traffic. Based on that analysis, the firewall either allows the traffic to pass, or it denies the traffic. Ideally, the firewall allows all legitimate traffic while denying malicious traffic such as malware and intrusion attempts. This service will manage traffic in and out of the firewall to internet and will follow Microsoft Azure Security baseline framework. By default, all traffic is blocked for communication. Based on customer need and requirement traffic will be opened. Managing firewall will include following tasks and services: •Security policy creation and association •Network rules and applications rules •Nat rules •IP Groups •Threat Intelligence