![]() ![]() ![]() ![]() Reference: Virtual network configuration reference: API Management NS-2: Secure cloud services with network controls Features Azure Private Linkĭescription: Service native IP filtering capability for filtering network traffic (not to be confused with NSG or Azure Firewall). Note: Configure NSG rules for API Management If any of these ports are unavailable, API Management may not operate properly and may become inaccessible. Be aware that by default, NSGs deny all inbound traffic but allow traffic from virtual network and Azure Load Balancers.Ĭaution: When configuring an NSG on the API Management subnet, there are a set of ports that are required to be open. Create NSG rules to restrict your service's open ports (such as preventing management ports from being accessed from untrusted networks). SupportedĬonfiguration Guidance: Deploy network security groups (NSG) to your API Management subnets to restrict or monitor traffic by port, protocol, source IP address, or destination IP address. Reference: Use a virtual network with Azure API Management Network Security Group Supportĭescription: Service network traffic respects Network Security Groups rule assignment on its subnets. The gateway can access resources within the virtual network. Internal: the API Management gateway and developer portal are accessible only from within the virtual network via an internal load balancer.External: the API Management gateway and developer portal are accessible from the public internet via an external load balancer.The developer portal and API Management gateway can be configured to be accessible either from the Internet (External) or only within the Vnet (Internal). SupportedĬonfiguration Guidance: Deploy Azure API Management inside an Azure Virtual Network (VNET), so it can access backend services within the network. NS-1: Establish network segmentation boundaries Features Virtual Network Integrationĭescription: Service supports deployment into customer's private Virtual Network (VNet). Service can be deployed into customer's virtual networkįor more information, see the Microsoft cloud security benchmark: Network security. The security profile summarizes high-impact behaviors of API Management, which may result in increased security considerations. To see how API Management completely maps to the Microsoft cloud security benchmark, see the full API Management security baseline mapping file. Features not applicable to API Management have been excluded. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |