VM to VM Encryption within local virtual network


Is there a way to encrypt communications between VMs within the same virtual network? We are in Healthcare and this is one of the must-haves, i.e. we have a PDC in an Azure VM synching with Azure AD and several Azure VM servers on the same Azure virtual network. We need to be able to transparently encrypt the data in transit between the VMs so that copying files over a network share between the machines is encrypted. Is this inherent in an Azure virtual network, or is there some policy or combination of settings that needs to be enabled? The current OS is Windows Server 2012 R2 Datacenter.

1 Reply
Hello Lee,

I understand the requirements. I'd encourage you to check out the following resource: https://docs.microsoft.com/en-us/azure/security/azure-security-network-security-best-practices

Usually it's safe to say that a private network is isolated from the rest of everything unless explicitly allowing traffic. Also, if you're concerned about data being encrypted at rest and in transit, you could just copy through RDP or SSH on Windows. There are a number of options. Hope this helps!

Cody