Is traffic within an Azure VNET encrypted?
Question
I'm looking for some information on Azure Virtual Network security for data in transit.
We use Application Gateway to terminate the TLS connection (443) and forward the (unecrypted) request (80) to a backend server in the same virtual network but in a different subnet.
Microsoft states that VNETs are private and secure.
I could not find any information if traffic within a VNET is encrypted. That it wouldn't be possible to inspect traffic from outside of the VNET for anyone.
The HTTP request itself is not encrypted, but would the VNET traffic transporting the request be encrypted?
For inter-region traffic the documentation states: data-link layer encryption using MACsec
1 answers
solution1
1 2022-09-15 11:06:17
Please note that all vnet's are isolated from each other. It means traffic from one VNET cannot reach traffic from another VNET by default and it requires peering. Local IP's under VNET are private IP's and they are non routable. Traffic inside VNET is not encrypted but you can use HTTPS, SMB 3.0 or other protocols to encrypt traffic between services. More info: https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-overview
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.