|
| 1 | +--- |
| 2 | +title: Compare network isolation configurations |
| 3 | +title-suffix: Azure Machine Learning |
| 4 | +description: "Azure Machine Learning can use both managed and custom virtual networks for network isolation. Learn about the differences between the two configurations." |
| 5 | +author: Blackmist |
| 6 | +ms.author: larryfr |
| 7 | +ms.reviewer: meerakurup |
| 8 | +ms.service: azure-machine-learning |
| 9 | +ms.topic: concept-article #Don't change. |
| 10 | +ms.date: 09/19/2024 |
| 11 | + |
| 12 | +#customer intent: As an administrator, I want to understand the network isolation options so that I can plan my infrastructure. |
| 13 | + |
| 14 | +--- |
| 15 | + |
| 16 | +# Compare network isolation configurations in Azure Machine Learning |
| 17 | + |
| 18 | +For your workspaces, Azure Machine Learning offers two types of outbound network isolation configurations: managed network isolation and custom network isolation. Both offer full network isolation support with its benefits and limitations. This document covers feature support and limitations on both network isolation configurations for you to decide what is best for your needs. |
| 19 | + |
| 20 | +Managed network isolation relies on managed virtual networks, which is a fully managed feature of Azure Machine Learning. Managed network isolation is ideal for users who want to use Azure Machine Learning with minimal configuration and management overhead. Custom network isolation relies on you creating and managing an Azure Virtual Network, which is ideal for customers looking for maximal control over their network configuration. |
| 21 | + |
| 22 | +## Enterprise security needs |
| 23 | + |
| 24 | +Cloud computing enables enterprises to scale up their data and machine learning capabilities, but it also poses new challenges and risks for security and compliance. Enterprises need to ensure that their cloud infrastructure is protected from unauthorized access, tampering, or leakage of data and models. They also need to adhere to the regulations and standards that apply to their industry and domain. |
| 25 | + |
| 26 | +Typical Enterprise requirements include: |
| 27 | + |
| 28 | +- Use network isolation boundary with virtual network to have inbound and outbound control and to have private connection to private azure resources. |
| 29 | +- Avoid exposure to the internet with no public IP solutions and private endpoints. |
| 30 | +- Use virtual network appliances to have better network security capabilities such as firewalling, intrusion detection, vulnerability management, web filtering. |
| 31 | +- Network architecture for AzureML can be integrated with existing network architecture. |
| 32 | + |
| 33 | +## What is a managed or custom virtual network |
| 34 | + |
| 35 | +[Describe a main idea.] |
| 36 | + |
| 37 | +## When to use managed or custom virtual networks |
| 38 | + |
| 39 | +[Describe a main idea.] |
| 40 | + |
| 41 | +<!-- Required: Main ideas - H2 |
| 42 | +
|
| 43 | +Use one or more H2 sections to describe the main ideas |
| 44 | +of the concept. |
| 45 | +
|
| 46 | +Follow each H2 heading with a sentence about how |
| 47 | +the section contributes to the whole. Then, describe |
| 48 | +the concept's critical features as you define what it is. |
| 49 | +
|
| 50 | +--> |
| 51 | + |
| 52 | +## Related content |
| 53 | + |
| 54 | +- [Related article title](link.md) |
| 55 | +- [Related article title](link.md) |
| 56 | +- [Related article title](link.md) |
| 57 | + |
| 58 | +<!-- Optional: Related content - H2 |
| 59 | +
|
| 60 | +Consider including a "Related content" H2 section that |
| 61 | +lists links to 1 to 3 articles the user might find helpful. |
| 62 | +
|
| 63 | +--> |
| 64 | + |
| 65 | +<!-- |
| 66 | +
|
| 67 | +Remove all comments except the customer intent |
| 68 | +before you sign off or merge to the main branch. |
| 69 | +
|
| 70 | +--> |
0 commit comments