A company is designing a Zero Trust network strategy. They want to ensure that all network traffic between on-premises and Azure is inspected and logged, regardless of source or destination. Which Azure service should they use to achieve this?
Trap 1: Azure Front Door
Azure Front Door is for global load balancing and web application firewall, not for inspecting all network traffic.
Trap 2: Azure Bastion
Azure Bastion provides secure remote access to VMs, not network traffic inspection.
Trap 3: Azure DDoS Protection
Azure DDoS Protection is focused on mitigating distributed denial-of-service attacks, not general traffic inspection.
- A
Azure Front Door
Why wrong: Azure Front Door is for global load balancing and web application firewall, not for inspecting all network traffic.
- B
Azure Bastion
Why wrong: Azure Bastion provides secure remote access to VMs, not network traffic inspection.
- C
Azure Firewall
Azure Firewall can inspect and log all traffic between on-premises and Azure.
- D
Azure DDoS Protection
Why wrong: Azure DDoS Protection is focused on mitigating distributed denial-of-service attacks, not general traffic inspection.