4. Virtual Networks

  • An Azure virtual network (VNet) is a representation of your own network in the cloud.
  • It is a logical isolation of the Azure cloud dedicated to your subscription. You can fully control the IP address blocks, DNS settings, security policies, and route tables within this network.
  • You can also further segment your VNet into subnets and launch Azure virtual machines (VMs).

In computer networks, a DMZ (demilitarized zone) is a physical or logical sub-network that separates an internal local area network (LAN) from other untrusted networks, usually the Internet.

Azure VNet Pricing:

  • There is no extra cost for using Virtual Networks in Azure.
  • The compute instances launched within the VNet will be charged the standard rates as described in Azure VM Pricing.
  • The VPN Gateways and Public IP Addresses used in the VNet will also be charged standard rates.

Subnets – A subnet is a range of IP addresses in the VNet. You can divide a VNet into multiple subnets for organization and security. VMs deployed to subnets (same or different) within a VNet can communicate with each other without any extra configuration. You can also associate route tables and NSGs with a subnet.

Network Interface Card (NIC) – VMs communicate with other VMs and other resources on the network by using a virtual network interface card (NIC). Virtual NICs configure VMs with a private and, optionally, a public IP address. VMs can have more than one NIC for different network configurations.

Network Security Group (NSG): You can create NSGs to control inbound and outbound access to network interfaces (NICs), VMs, and subnets. Each NSG contains one or more rules specifying whether traffic is allowed or denied based on protocol, source IP address, source port, destination IP address, and destination port.
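The rule matching described above, as an added Python sketch that is not part of the original notes: each rule is checked against a flow's protocol, source IP and port, and destination IP and port, and inbound traffic to a VM has to be allowed by the NSG on its subnet and by the NSG on its NIC. The priority ordering (lowest number first, first match wins) and the subnet-then-NIC evaluation are Azure NSG behaviour not stated on this page; the class and function names, addresses and rules are constructed for illustration, and Azure's default rules are reduced to a single final deny.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int   # lower number is evaluated first
    access: str     # "Allow" or "Deny"
    protocol: str   # "Tcp", "Udp" or "*"
    src: str        # CIDR, single IP or "*"
    src_port: str   # "443", "1000-2000" or "*"
    dst: str
    dst_port: str

def _ip_ok(spec, ip):
    return spec == "*" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def _port_ok(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def evaluate(rules, proto, src, sport, dst, dport):
    """Access of the first rule, in priority order, that matches the flow."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (r.protocol in ("*", proto) and _ip_ok(r.src, src)
                and _port_ok(r.src_port, sport) and _ip_ok(r.dst, dst)
                and _port_ok(r.dst_port, dport)):
            return r.access
    return "Deny"  # simplification: stands in for the default deny-all rule

def inbound_allowed(subnet_nsg, nic_nsg, flow):
    """Inbound traffic has to pass the subnet NSG and then the NIC NSG."""
    return all(evaluate(nsg, *flow) == "Allow" for nsg in (subnet_nsg, nic_nsg))

# Constructed sample: a web VM at 10.0.1.4 in a DMZ subnet 10.0.1.0/24.
SUBNET_NSG = [Rule(100, "Allow", "Tcp", "*", "*", "10.0.1.0/24", "443")]
NIC_NSG = [
    Rule(100, "Deny", "*", "203.0.113.0/24", "*", "*", "*"),
    Rule(200, "Allow", "Tcp", "*", "*", "10.0.1.4", "443"),
]

if __name__ == "__main__":
    for src, dport in [("198.51.100.7", 443), ("203.0.113.9", 443), ("198.51.100.7", 22)]:
        flow = ("Tcp", src, 50000, "10.0.1.4", dport)
        print(src, dport, inbound_allowed(SUBNET_NSG, NIC_NSG, flow))
```

The second flow shows why both layers matter when reviewing exposure: the subnet NSG allows it, but the higher-priority deny on the NIC NSG blocks it.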

Azure Load Balancers: The Azure Load Balancer delivers high availability and network performance to your applications. It is a Layer 4 (TCP, UDP) load balancer that distributes incoming traffic among healthy service instances in virtual machines defined in a load-balanced set.

Application Gateways: Azure Application Gateway is a layer-7 load balancer. It provides failover and performance routing of HTTP requests between different servers, whether they are in the cloud or on-premises. Application Gateway provides many Application Delivery Controller (ADC) features, including HTTP load balancing, cookie-based session affinity, Secure Sockets Layer (SSL) offload, custom health probes, support for multi-site, and many others.

Traffic Manager: Microsoft Azure Traffic Manager allows you to control the distribution of user traffic for service endpoints in different datacenters. Service endpoints supported by Traffic Manager include Azure VMs, Web Apps, and cloud services.

VPN Gateways: Azure VPN Gateway is used to connect an Azure virtual network (VNet) to other Azure VNets or to an on-premises network. You need to assign a public IP address to its IP configuration to enable it to communicate with the remote network. Currently, you can only assign a dynamic public IP address to a VPN gateway.