Differences

This shows you the differences between two versions of the page.

--- azure:az-500:july_2023:networking [2023/07/21 12:34] – [Service Endpoints/Private Endpoints] mmuze
+++ azure:az-500:july_2023:networking [2023/07/21 16:35] (current) – mmuze
@@ Line 16: / Line 16: @@
 ====== Application Gateway ======
-  * An AppGateway combines a  L7 load-balancer and WAF
+  * An App Gateway combines a L7 load-balancer and WAF
   * Logs can be sent to EventHub, Log Analytics or Azure Storage
   * Alerts can be sent to Security Center
@@ Line 35: / Line 35: @@
 ====== Service Endpoints/Private Endpoints ======
   * Service Endpoints limits access to specified VNets for all instances of a PaaS service via the Microsoft backbone network (instead of the internet)
+>With service endpoints, service traffic switches to use virtual network private addresses as the source IP addresses when accessing the Azure service from a virtual network. This switch allows you to access the services without the need for reserved, public IP addresses used in IP firewalls.
   * Private Endpoints (PEs) limits access to specific instances of PaaS services to go over a private network integrated with a customer VNet
   * NSGs don't factor into PEs since the resource is mapped to an IP in the VNet.
@@ Line 41: / Line 44: @@
   * Private Link is the Azure service provided by various PaaS services that enables Private Endpoints. There can be third-party Private Link services in an addition to the Azure provided ones.
   * A Private Endpoint must be deployed in the same region and subscription as the VNet, but the Private Link service can be deployed in a different region and the VNet and PE
+  * You can enable Private Link for your own apps/services by putting them behind a Azure Load Balancer
 ===== Exam Tip =====
   * Know the use cases for Private Endpoints
+====== Encryption in transit ======
+===== Exam Tip =====
+  * Walk through the App Service managed certificate configuration before exam