EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

AF

Application Protection Services

Application Protection Services

Application Protection Service

Azure Application Protection Service, helps in protect your network resources , protect your application using verity of services like Azure -DDoS Protection , Private Link , Firewall , WAF, NSG, Virtual Network Service End Point.

Connecting Azure Resource Over Private Network: (Virtual Network Service End Point )

When we want to connect the Azure Resource over Private Network from VNet, we can use Azure feature called as Azure Service Endpoint, without need of a public IP address on VNet.

Below table provides a snapshot, what all resources resides in VNet and what resource do not reside on VNet.

Below table shows, how we can connect to Azure Resource via Private IP address from attached VNet.

Service endpoints are available for the following Azure services and regions. The Microsoft.* resource is in parenthesis. Enable this resource from the subnet side while configuring service endpoints for your service:

Generally available

  • Azure Storage (Microsoft.Storage): Generally available in all Azure regions.
  • Azure SQL Database (Microsoft.Sql): Generally available in all Azure regions.
  • Azure Synapse Analytics (Microsoft.Sql): Generally available in all Azure regions for dedicated SQL pools (formerly SQL DW).
  • Azure Database for PostgreSQL server (Microsoft.Sql): Generally available in Azure regions where database service is available.
  • Azure Database for MySQL server (Microsoft.Sql): Generally available in Azure regions where database service is available.
  • Azure Database for MariaDB (Microsoft.Sql): Generally available in Azure regions where database service is available.
  • Azure Cosmos DB (Microsoft.AzureCosmosDB): Generally available in all Azure regions.
  • Azure Key Vault (Microsoft.KeyVault): Generally available in all Azure regions.
  • Azure Service Bus (Microsoft.ServiceBus): Generally available in all Azure regions.
  • Azure Event Hubs (Microsoft.EventHub): Generally available in all Azure regions.
  • Azure Data Lake Store Gen 1 (Microsoft.AzureActiveDirectory): Generally available in all Azure regions where ADLS Gen1 is available.
  • Azure App Service (Microsoft.Web): Generally available in all Azure regions where App service is available.
  • Azure Cognitive Services (Microsoft.CognitiveServices): Generally available in all Azure regions where Cognitive services are available.

DDoS Protection

It provides protection to most sophisticated DDoS threats. This Service provides DDoS Mitigation for your application and resources deployed in your Virtual Network. Customers using DDos protection have access to DDoS Rapid Response support to engage DDoS experts during an attacks.

Azure Private Link:

Azure Private Link is used to connect Azure PaaS service like Azure Storage , SQL Database and Azure Hosted customer-owned/partner service over private endpoint in VNets. Traffic traverse between VNets and PaaS service over Microsoft Backbone network.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.