Concern : Most of the customer have a requriements for encryption in transit for all traffic and are relecutuant to use vNet peering or connecting between Azure regions they end up spending putting 3rd party solution or use Azure VPN gateway. Becasue vNet peering is un-encrypted even though Microsoft ensure that all the traffic flows via their backbone which never connects to internet.
Solution: Finally Micosoft has released a great feature Azure Virtual Network encryption is a feature of Azure Virtual Networks. Virtual network encryption allows you to seamlessly encrypt and decrypt traffic between Azure Virtual Machines. What is Azure Virtual Network encryption? (Preview) | Microsoft Learn
It address all the usecases
- Communication of Azure resources with the internet.
- Communication between Azure resources.
- Communication with on-premises resources.
- Filtering of network traffic.
- Routing of network traffic.
- Integration with Azure services.
Encryption for Azure Virtual Networks is presently in preview. A service level agreement is not provided with this preview version, and its use with production workloads is not advised. There may be limitations or unsupported features with respect to their capabilities..
In order to ensure an exceptional customer experience, Microsoft are imposing restrictions on access to the public preview of VNet encryption. Existing Azure customers who wish to participate in this public preview will be required to fill out and return this application. The subscription IDs listed below will be granted access to preview the feature once it has been approved. Requests for registration are evaluated in a continuous fashion.
Encryption of virtual networks is provided at no cost.
Please click here Virtual Network (VNet) Encryption – Public Preview Sign Up (office.com) to sign-up for testing this offering.
