You have an Azure subscription.
You need to deploy an Azure virtual WAN to meet the following requirements:
• Create three secured virtual hubs located in the East US, West US, and North Europe Azure regions.
• Ensure that security rules sync between the regions.
What should you use?
To create secured virtual hubs and ensure that security rules synchronize across multiple regions, Azure Firewall Manager is the correct choice. Azure Firewall Manager enables centralized management of security policies that can be applied to multiple Azure Firewall instances across various regions. This setup allows for synchronization of security rules, which aligns with the requirement to secure virtual hubs in the East US, West US, and North Europe regions.
https://azure.microsoft.com/en-us/products/virtual-network-manager
I think this is the reason why the answer in examtopics is "D" https://learn.microsoft.com/en-us/azure/firewall-manager/secured-virtual-hub Create a secured virtual hub Using Firewall Manager in the Azure portal, you can either create a new secured virtual hub, or convert an existing virtual hub that you previously created using Azure Virtual WAN. You may configure Virtual WAN to enable inter-region security use cases in the hub by configuring routing intent. For more information on routing intent, see Routing Intent documentation. If i have to chose, i will go with D. Virtual network manager is not designed for security.
For anyone wondering, there is also a reference here which is clear. https://learn.microsoft.com/en-us/azure/firewall-manager/secure-cloud-network
Agree on D - Azure Firewall Manager since it achieves synchronisation by allowing application of centrally defined policy to multiple azure firewalls in different regions -plus extending from erffre's comment- Virtual Network Manager is more focussed on 1) centrally managing your vnet topology 2) managing Security Admin Rules which are global overrides for NSG policy for governance, rather than synchronisation of policy across regions https://learn.microsoft.com/en-us/azure/virtual-network-manager/overview https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-security-admins
Keyword is “secured virtual hubs” A secured virtual hub is an Azure Virtual WAN Hub with associated security and routing policies configured by Azure Firewall Manager.
D. Azure Firewall Manager
D: Azure Firewall Manager From: https://learn.microsoft.com/en-us/azure/firewall-manager/overview An Azure Virtual WAN Hub is a Microsoft-managed resource that lets you easily create hub and spoke architectures. When security and routing policies are associated with such a hub, it is referred to as a secured virtual hub. Hub virtual network This is a standard Azure virtual network that you create and manage yourself. When security policies are associated with such a hub, it is referred to as a hub virtual network. At this time, only Azure Firewall Policy is supported. You can peer spoke virtual networks that contain your workload servers and services. You can also manage firewalls in standalone virtual networks that aren't peered to any spoke.
Sorry, A Azure Firewall Manager can indeed help you manage multiple Azure Firewall instances across different regions, but it is primarily focused on managing and configuring Azure Firewalls and associated policies, not on creating and managing Azure Virtual WAN hubs.
D. Azure Firewall Manager
Secure Virtual Hub and traffic control among the 3 regions is for sure Azure Firewall Manager. Remember, this is a security focused exam.
ttps://azure.microsoft.com/en-us/products/virtual-network-manager
https://azure.microsoft.com/en-us/products/virtual-network-manager
To meet the requirements of creating three secured virtual hubs in different Azure regions and ensuring that security rules sync between the regions, you should use Azure Virtual WAN.
D. Azure Firewall Manager
https://learn.microsoft.com/en-us/azure/firewall-manager/overview#region-availability
D. Azure Firewall Manager
I think A because https://learn.microsoft.com/en-gb/azure/virtual-network-manager/tutorial-create-secured-hub-and-spoke
OK changing my answer, documentation for both describes this scenario but Firewall Manager is the more security focussed which makes sense for a security focussed exam
In Exam20/07/2024