Network security typically falls into three areas:
- Secure/manage traffic flow between applications, their tiers, between different environments, and other services
- Secure/manage traffic flow between users and the application
- Secure/manage traffic flow between the applications and the Internet
Azure Network security is about building a defense in depth approach.
The usual type of services that need to be protected from the network perspective, can be categorized into those types:
- IaaS services connected to subnets
- PaaS services connected to subnets
- Public facing PaaS services with security lockdown
- Public facing PaaS services with TLS access restrictions