Well, Have you ever thought about the idea to use Public Cloud resources on demand to server as part of your datacenter? Many did, but how to securely connect the Public Cloud resources back to your own Datacenter and function as a collective unit is the biggest challenge.
Well, Windows Azure has something to offer now. You can now connect Windows Azure Virtual Network to an on-premises network via site-to-site VPN connection as shown in diagram below.
What is the requirement?
You need a VPN gateway device in your on-premises datacenter. Here is the list of currently supported devices
|Cisco platform||OS family||Sample configuration script|
|ASA 5505||ASA version 8.3||Cisco ASA 5505 or ASA 5585 version 8.3|
|ASA 55851||ASA version 8.3||Cisco ASA 5505 or ASA 5585 version 8.3|
|ASR 1001||IOS Release 15.2||Cisco ASR 1001 IOS Release 15.2|
|ASR 10042||IOS Release 15.2||Cisco ASR 1004 IOS Release 15.2|
|ASR 10063||IOS Release 12.2||Cisco ASR 1006 IOS Release 12.2|
|ISR 29214||IOS Release 15.0||Cisco ISR 2921 IOS Release 15.0|
|ISR 39255||IOS Release 15.2||Cisco ISR 3925 IOS Release 15.2|
|ISR 3945E6||IOS Release 12.2||Cisco ISR 3945E IOS Release 12.2|
|Juniper platform||OS family||Sample configuration script|
|SRX 210||JunOS 11.2r6JunOS 10.4r9||Juniper SRX 210 JunOS 11.2r6 or JunOS 10.4r9|
|SRX 1400||JunOS 11.2r6JunOS 10.4r9||Juniper SRX 1400 JunOS 11.2r6 or JunOS 10.4r9|
|J-Series J6350||ScreenOS 6.3r9ScreenOS 6.2r13||Juniper J-Series J6350 JunOS 11.2r6 or JunOS 10.4r9|
|ISG 1000||ScreenOS 6.3r9ScreenOS 6.2r13||Juniper ISG 1000 ScreenOS 6.3r9 or ScreenOS 6.2r13|
This list will be growing and include some lower end devices that are more affordable.
What if I don’t have a supported device?
If your current VPN device satisfies the following requirements. It may work with Azure Virtual Network
- VPN device must have a public facing IPv4 address
- VPN device must support IKEv1
- Establish IPsec Security Associations in Tunnel mode
- VPN device must support NAT-T
- VPN device must support AES 128-bit encryption function, SHA-1 hashing function, and Diffie-Hellman Perfect Forward Secrecy in “Group 2” mode
- VPN device must fragment packets before encapsulating with the VPN header
Go to Windows Azure Website today and try it FREE for 90 Days: http://www.windowsazure.com/en-us/