[英]Is traffic within an Azure VNET encrypted?
I'm looking for some information on Azure Virtual Network security for data in transit.我正在寻找有关传输数据的 Azure 虚拟网络安全性的一些信息。
We use Application Gateway to terminate the TLS connection (443) and forward the (unecrypted) request (80) to a backend server in the same virtual network but in a different subnet.我们使用应用程序网关来终止 TLS 连接 (443) 并将(未加密的)请求 (80) 转发到同一虚拟网络中但位于不同子网中的后端服务器。
Microsoft states that VNETs are private and secure. Microsoft 声明 VNET 是私有且安全的。
I could not find any information if traffic within a VNET is encrypted.如果 VNET 中的流量被加密,我找不到任何信息。 That it wouldn't be possible to inspect traffic from outside of the VNET for anyone.
不可能为任何人检查来自 VNET 外部的流量。
The HTTP request itself is not encrypted, but would the VNET traffic transporting the request be encrypted? HTTP 请求本身未加密,但传输请求的 VNET 流量是否会加密?
For inter-region traffic the documentation states: data-link layer encryption using MACsec对于区域间流量,文档状态:使用 MACsec 的数据链路层加密
Please note that all vnet's are isolated from each other.请注意,所有 vnet 都是相互隔离的。 It means traffic from one VNET cannot reach traffic from another VNET by default and it requires peering.
这意味着默认情况下,来自一个 VNET 的流量无法到达来自另一个 VNET 的流量,并且需要对等互连。 Local IP's under VNET are private IP's and they are non routable.
VNET 下的本地 IP 是私有 IP,它们是不可路由的。 Traffic inside VNET is not encrypted but you can use HTTPS, SMB 3.0 or other protocols to encrypt traffic between services.
VNET 内部的流量未加密,但您可以使用 HTTPS、SMB 3.0 或其他协议对服务之间的流量进行加密。 More info: https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
更多信息: https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.