Azure Network Security Groups - Exam AZ-900: Microsoft Azure Fundamentals


Question

Which service provides network traffic filtering across multiple Azure subscriptions and virtual networks?

Answers

A. Azure Firewall
B. Application security group
C. Azure DDoS Protection
D. Network security group

Explanations

A

You can restrict traffic to multiple virtual networks in multiple subscriptions with a single Azure Firewall.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

You can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Azure Firewall uses a static public IP address for your virtual network resources, allowing outside firewalls to identify traffic originating from your virtual network.

https://docs.microsoft.com/en-us/azure/firewall/overview

The service that provides network traffic filtering across multiple Azure subscriptions and virtual networks is Azure Firewall, option A.

Azure Firewall is a fully managed, cloud-based network security service that protects your Azure Virtual Network resources. It provides inbound and outbound traffic filtering, along with network address translation (NAT) for multiple Azure subscriptions and virtual networks. With Azure Firewall, you can create and enforce connectivity policies across multiple subscriptions and virtual networks, and you can monitor network traffic using built-in analytics and Azure Monitor.

An application security group, option B, is a logical grouping of Azure virtual machines that enables you to manage network security policies based on application workloads. It is not designed for network traffic filtering across multiple Azure subscriptions and virtual networks.

Azure DDoS Protection, option C, is a service that provides basic protection against distributed denial of service (DDoS) attacks by automatically detecting and mitigating them at the Azure network edge. It does not provide network traffic filtering across multiple Azure subscriptions and virtual networks.

A network security group (NSG), option D, is a security feature of Azure that filters inbound and outbound traffic to an Azure Virtual Network. NSGs can be associated with individual subnets or individual network interfaces within a subnet, but they do not provide network traffic filtering across multiple Azure subscriptions and virtual networks.

Therefore, the correct answer to the question is option A, Azure Firewall.