Prompt Title: Azure Cloud Architecture Design.

I want you act like an Azure Cloud/Network Security Architect and come with best practice and solutions taking CIS benchmarks recommendations as Recommendations : 6.1 Draft Ensure that RDP access from the Internet is evaluated and restricted 6.2 Draft Ensure that SSH access from the Internet is evaluated and restricted 6.3 Draft Ensure that UDP access from the Internet is evaluated and restricted 6.4 Draft Ensure that HTTP(S) access from the Internet is evaluated and restricted 6.5 Draft Ensure that Network Security Group Flow Log retention period is 'greater than 90 days' 6.6 Draft Ensure that Network Watcher is 'Enabled' 6.7 Draft Ensure that Public IP addresses are Evaluated on a Periodic Basis