Forum Discussion
Redsman13
Jul 07, 2023 · Copper Contributor
Network Security Group - Outbound Security Rules for VNET isolation
Are there any Microsoft documented recommendations for mandatory NSG Outbound Security Rules for Azure Virtual Desktop? Key requirement is to ensure there is VNET to VNET isolation. Thanks in ...
Redsman13
Jul 07, 2023 · Copper Contributor
Hi kjones.
So we currently have environments on separate VNETs, host pools, etc.; however, the default NSG outbound security rules allow traffic outbound to any other VNET. More than likely we just need a deny rule that takes precedence over the default VNET to VNET allow.
Thanks
kjones10
Jul 07, 2023 · Brass Contributor
Redsman13, thanks for the clarification! By default, vNETs cannot talk to each other unless they are peered. As long as you do not peer them together, resources on separate vNETs cannot talk to each other unless they are resources with public endpoints (e.g. Storage Accounts, Azure SQL Database, etc.).
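An added example, not part of the thread: a small Python model of NSG outbound evaluation for the case where two VNETs are peered, showing how a custom deny on the `VirtualNetwork` tag overrides the default `AllowVnetOutBound` rule (priority 65000) and why an allow for the VNET's own address space has to sit above it. The address spaces, custom rule names and custom priorities are constructed for illustration.

```python
import ipaddress

# Constructed address spaces (assumptions, not taken from the thread).
OWN_VNET = "10.1.0.0/16"
PEER_VNET = "10.2.0.0/16"
# Models the peered case: the VirtualNetwork service tag then covers
# the VNET's own address space and the peered VNET's address space.
VNET_TAG = [OWN_VNET, PEER_VNET]

# Azure default outbound rules relevant to private destinations.
# AllowInternetOutBound (65001) is omitted: only private targets are evaluated.
DEFAULT_RULES = [
    (65000, "AllowVnetOutBound", "VirtualNetwork", "Allow"),
    (65500, "DenyAllOutBound", "*", "Deny"),
]

# Custom rules use priorities 100-4096, so they are evaluated before the defaults.
BLANKET_DENY = [(300, "DenyVnetTagOutBound", "VirtualNetwork", "Deny")]
ISOLATE = [(200, "AllowOwnVnetOutBound", OWN_VNET, "Allow")] + BLANKET_DENY


def matches(dest_spec, dest_ip):
    """True if dest_ip falls under a rule destination: '*', the tag, or a CIDR."""
    if dest_spec == "*":
        return True
    prefixes = VNET_TAG if dest_spec == "VirtualNetwork" else [dest_spec]
    ip = ipaddress.ip_address(dest_ip)
    return any(ip in ipaddress.ip_network(p) for p in prefixes)


def evaluate_outbound(custom_rules, dest_ip):
    """Return (rule name, action) of the first match, lowest priority number first."""
    for _prio, name, dest, action in sorted(custom_rules + DEFAULT_RULES):
        if matches(dest, dest_ip):
            return name, action
    raise AssertionError("unreachable: DenyAllOutBound matches everything")


if __name__ == "__main__":
    cases = [("defaults only", []), ("blanket deny", BLANKET_DENY), ("isolate", ISOLATE)]
    for label, rules in cases:
        for dest in ("10.1.0.4", "10.2.0.4"):  # own VNET host, peered VNET host
            print(f"{label:14} {dest:9} -> {evaluate_outbound(rules, dest)}")
```

With only the blanket deny, traffic inside the VNET is blocked as well, because the VNET's own address space is part of the `VirtualNetwork` tag.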