Can Azure Firewall Filter the Traffic Over a Private Endpoint?

Traffic over a private endpoint bypasses Azure Firewall and therefore cannot be filtered: Azure Firewall cannot inspect or control traffic over private endpoints. Private endpoints are created in your virtual network (VNet) and provide private connectivity to Azure services without exposing those services to the public internet. A private endpoint uses a private IP address from your VNet, and traffic between your VNet and the Azure service is routed over the Azure backbone network.
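The following is an added example, not code from the original post. It models route selection for the bypass described above, assuming Azure's longest-prefix-match rule and the /32 route with next hop type `InterfaceEndpoint` that a private endpoint adds to the VNet; all addresses and the route table are constructed sample values.

```python
import ipaddress

# Constructed effective routes for a workload NIC (sample values, not from the page).
# 10.0.1.4 stands in for the firewall's private IP; 10.0.2.5 for the private endpoint.
EFFECTIVE_ROUTES = [
    {"source": "Default", "prefix": "10.0.0.0/16", "next_hop_type": "VnetLocal", "next_hop_ip": None},
    {"source": "User", "prefix": "0.0.0.0/0", "next_hop_type": "VirtualAppliance", "next_hop_ip": "10.0.1.4"},
    {"source": "User", "prefix": "10.0.2.0/24", "next_hop_type": "VirtualAppliance", "next_hop_ip": "10.0.1.4"},
    {"source": "Default", "prefix": "10.0.2.5/32", "next_hop_type": "InterfaceEndpoint", "next_hop_ip": None},
]
# On equal prefix length, user-defined routes win over gateway (BGP) and system routes.
SOURCE_PRIORITY = {"User": 0, "VirtualNetworkGateway": 1, "Default": 2}

def select_route(dest_ip, routes):
    """Return the route chosen for dest_ip: longest prefix first, then source priority."""
    dest = ipaddress.ip_address(dest_ip)
    matches = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    if not matches:
        return None  # no route: traffic is dropped, not inspected
    return min(matches, key=lambda r: (-ipaddress.ip_network(r["prefix"]).prefixlen,
                                       SOURCE_PRIORITY.get(r["source"], 3)))

def bypasses_firewall(dest_ip, routes, firewall_ip):
    """True when the selected next hop is not the firewall."""
    route = select_route(dest_ip, routes)
    return route is None or route["next_hop_ip"] != firewall_ip

def audit(destinations, routes, firewall_ip):
    """Map each named destination to its winning prefix, next hop type and bypass flag."""
    report = {}
    for name, ip in destinations.items():
        route = select_route(ip, routes)
        report[name] = {
            "prefix": route["prefix"] if route else None,
            "next_hop_type": route["next_hop_type"] if route else None,
            "bypasses_firewall": bypasses_firewall(ip, routes, firewall_ip),
        }
    return report

if __name__ == "__main__":
    targets = {"private-endpoint": "10.0.2.5", "vm-same-subnet": "10.0.2.10", "internet": "203.0.113.10"}
    for name, row in audit(targets, EFFECTIVE_ROUTES, "10.0.1.4").items():
        print(name, row)
```

In this constructed table the /32 route wins for the private endpoint address even though a user-defined route covers its whole subnet, while a neighbouring address in the same subnet is still sent to the firewall.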

If there is a need to inspect and control traffic over a private endpoint, you can use a network virtual appliance (NVA). An NVA is a software-based networking device that can be deployed in your VNet to inspect and control traffic.

Here are some of the benefits of using a private endpoint:

  • Improved security: Private endpoints help to improve security by preventing unauthorized access.
  • Reduced costs: Private endpoints can help to reduce your costs by eliminating the need to use public IP addresses for Azure services.
  • Improved performance: Private endpoints can help to improve performance by reducing latency and improving network reliability.
