Merge pull request #302171 from sfiguemsft/patch-1

denrea · web-flow · commit 1d034a77a120 · 2025-07-02T14:45:18.000-07:00
Azure DNS - GA updates of DNS security policy (securing)
diff --git a/articles/dns/dns-security-policy.md b/articles/dns/dns-security-policy.md
@@ -1,26 +1,21 @@
 ---
-title: Overview of DNS security policy (Preview)
+title: Overview of DNS security policy
 description: Learn how to configure DNS security policy to filter and log DNS queries in your Azure Virtual Network. Display, save, and review DNS queries and responses from the VNET. Block malicious domains and optimize DNS query traffic.
 author: asudbring
 manager: KumuD
 ms.service: azure-dns
 ms.topic: article
-ms.date: 02/24/2025
+ms.date: 07/02/2025
 ms.author: allensu
 # Customer intent: "As a network administrator, I want to configure DNS security policies for my virtual network, so that I can filter and log DNS queries to protect against malicious domains and optimize DNS traffic."
 ---
 
-# DNS security policy (Preview)
+# DNS security policy
 
 This article provides an overview of DNS security policy. Also see the following how-to guide:
 
-- [Secure and view DNS traffic (Preview)](dns-traffic-log-how-to.md).
+- [Secure and view DNS traffic ](dns-traffic-log-how-to.md).
 
-> [!NOTE]
-> DNS security policy is currently in PREVIEW.<br> 
-> See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.<br>
-> Some [Requirements and restrictions](#requirements-and-restrictions) apply to DNS security policy during preview.
- 
 ## What DNS security policy?
 
 DNS security policy offers the ability to filter and log DNS queries at the virtual network (VNet) level. Policy applies to both public and private DNS traffic within a VNet. DNS logs can be sent to a storage account, log analytics workspace, or event hubs. You can choose to allow, alert, or block DNS queries.
@@ -39,7 +34,7 @@ DNS security policy can be configured using Azure PowerShell or the Azure portal
 
 ## Location
 
-A security policy can only apply to VNets in the same region. You can create up to 10 security policies per region during preview. In the following example, two policies are created in each of two different regions (East US and Central US). 
+A security policy can only apply to VNets in the same region. In the following example, two policies are created in each of two different regions (East US and Central US). 
 
 ![Screenshot of the list of DNS security policies.](./media/dns-security-policy/policy-list.png)
 
@@ -105,27 +100,14 @@ When viewing a DNS domain list in the Azure portal, you can also select **Settin
 
 ## Requirements and restrictions
 
-Preview access
-- This DNS security policy preview is offered without a requirement to enroll in a pre-release feature preview.
-
-Virtual network restrictions:
-- DNS security policies can only be applied to VNets in the same region as the DNS security policy.
-- You can link one security policy per VNet. 
-- During preview, a single security policy can be linked to 50 VNets. This limit is increased to 500 for general availability.
-
-Security policy restrictions:
-- During preview, up to 10 security policies are allowed per region. This limit is increased to 1000 for general availability.
-
-DNS traffic rule restrictions:
-- During preview, up to 10 traffic rules are allowed per security policy. This limit is increased to 100 for general availability.
-
-Domain list restrictions:
-- During preview, up to 10 domain lists are allowed per region. This limit is increased to 1000 for general availability.
-
-Domain restrictions:
-- During preview, up to 1000 domains are allowed across all regions. This limit is increased to 100,000 for general availability.
-
+| Restriction Type                 | Limit / Rule                                                                 |
+|----------------------------------|-----------------------------------------------------------------------------|
+| Virtual network restrictions     | - DNS security policies can only be applied to VNets in the same region as the DNS security policy.<br>- You can link one security policy per VNet. |
+| Security policy restrictions     | 1000                                                                        |
+| DNS traffic rule restrictions    | 10                                                                          |
+| Domain list restrictions         | 1000                                                                        |
+| Domain restrictions              | 100,000                                                                     |
 
 ## Related content
 
-- [Secure and view DNS traffic (Preview)](dns-traffic-log-how-to.md).
+- [Secure and view DNS traffic](dns-traffic-log-how-to.md).
