Content Comparison

Versions Compared

Version	Old Version 48	New Version 49
Changes made by	thierry sinassamy	thierry sinassamy
Saved on	May 01, 2024	May 01, 2024

Key

This line was added.
This line was removed.
Formatting was changed.

...

Finally, we have to configure Network Routing when we use Azure Private Endpoints : Network routing preference - Azure Storage | Microsoft Learn
1. For traffic flowing to private endpoints, you can add a rule to route that traffic through your Network Virtual Appliance (NVA). You can reuse that rule across all your spokes, Virtual Private Network (VPN) gateways, and Azure ExpressRoute gateways : Azure Private Link in a hub-and-spoke network - Azure Architecture Center | Microsoft Learn
2. We may need to inspect or block traffic from clients to the services exposed via private endpoints : Azure Firewall scenarios to inspect traffic destined to a private endpoint - Azure Private Link | Microsoft Learn

Azure AI Search

The Network Segmentation boundaries will be established via the deployment of Azure AI Search in a private Virtual Network (VNet) and so, in a specific subnet : Configure Virtual Networks for Azure AI services - Azure AI services | Microsoft Learn

- Azure security baseline for Azure Cognitive Search | Microsoft Learn

...

Outbound connection - Connect through Firewall (for Azure AI Search - Configure an IP firewall - Azure AI Search | Microsoft Learn)

Configure Azure Storage Firewall (Configure Azure Storage firewalls and virtual networks | Microsoft Learn)

Azure Web apps : Connect privately to an App Service apps using private endpoint - Azure App Service | Microsoft Learn, with NAT GATEWAY (Azure NAT Gateway integration - Azure App Service - Azure App Service | Microsoft Learn), control outbound with App Service outbound traffic control with Azure Firewall - Azure App Service | Microsoft Learn; Integrate your app with an Azure virtual network - Azure App Service | Microsoft Learn, access restriction : App Service Access restrictions - Azure App Service | Microsoft Learn

Tutorial: Isolate back-end communication with Virtual Network integration - Azure App Service | Microsoft Learn

static IP restrictions : Azure App Service access restrictions - Azure App Service | Microsoft Learn

Control outbound traffic with NSG : App Service outbound traffic control with Azure Firewall - Azure App Service | Microsoft Learn pp Service | Microsoft Learn si notre app est intégré à a VNET. On peut aussi le faire de façon centralisée à travers les abonnements Azure (Azure Firewall Standard features | Microsoft Learn)Web Apps - App Service Environment networking - Azure App Service Environment | Microsoft Learn