Hybrid Azure deployment architecture connects aircraft hangar RFID tool tracking systems to cloud-hosted L5 Connect Server via site-to-site VPN. RFID events and Zebra CoreScanner data flow from hangar LAN through corporate firewall (TCP 59008/59009/1433) over IPsec tunnel to Azure VPN Gateway, routing to L5 Connect Server VM in isolated server subnet (10.0.1.0/24) with NSG protection. Server integrates with Azure SQL Database via private endpoint in dedicated database subnet (10.0.2.0/24), while Azure Monitor, Log Analytics, Key Vault, and Azure Backup provide observability and security. This architecture demonstrates secure hybrid connectivity for industrial IoT workloads requiring on-premises data collection with centralized cloud management and compliance logging. Fork this diagram on Diagrams.so to customize subnets, NSG rules, or add Azure Bastion for administrative access without exposing public endpoints.