Final content improvements

Author: normesta

articles/storage/common/storage-network-security-manage-exceptions.md

@@ -43,7 +43,8 @@ For a complete list of trusted Azure services, see [Trusted Azure services](stor
 
 3. Configure the exceptions for the storage account network rules:
 
-    ```powershell    Update-AzStorageAccountNetworkRuleSet -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -Bypass AzureServices,Metrics,Logging
+    ```powershell    
+    Update-AzStorageAccountNetworkRuleSet -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -Bypass AzureServices,Metrics,Logging
     ```
 
 4. Remove the exceptions from the storage account network rules:
@@ -64,7 +65,8 @@ For a complete list of trusted Azure services, see [Trusted Azure services](stor
 
 3. Configure the exceptions for the storage account network rules:
 
-    ```azurecli    az storage account update --resource-group "myresourcegroup" --name "mystorageaccount" --bypass Logging Metrics AzureServices
+    ```azurecli    
+    az storage account update --resource-group "myresourcegroup" --name "mystorageaccount" --bypass Logging Metrics AzureServices
     ```
 
 4. Remove the exceptions from the storage account network rules:

articles/storage/common/storage-network-security-overview.md

@@ -28,7 +28,7 @@ Where possible, create private links to your storage account to secure access th
 
 ## Public endpoints
 
-The *public endpoint* of your storage account is accessed through a public IP address. If you use only private endpoints, then you should disable all traffic to the storage account's public IP address. If some clients use a private link, or you choose not to use private endpoints for cost or other reasons, then you can secure the public endpoint of your storage account by using firewall rules or by adding your storage account to a network security perimeter.
+The *public endpoint* of your storage account is accessed through a public IP address. You can secure the public endpoint of your storage account by using firewall rules or by adding your storage account to a network security perimeter.
 
 ### Firewall rules
 

articles/storage/common/storage-network-security.md

@@ -15,7 +15,7 @@ ms.author: normesta
 
 Azure Storage firewall rules provide granular control over network access to your storage account's public endpoint. By default, storage accounts allow connections from any network, but you can restrict access by configuring network rules that define which sources can connect to your storage account.
 
-You can configure four types of network access rules:
+You can configure four types of network rules:
 
 - **Virtual network rules**: Allow traffic from specific subnets within Azure Virtual Networks
 - **IP network rules**: Allow traffic from specific public IP address ranges  
@@ -25,7 +25,7 @@ You can configure four types of network access rules:
 When network rules are configured, only traffic from explicitly allowed sources can access your storage account through its public endpoint. All other traffic is denied.
 
 > [!NOTE]
-> Network rules control network-level access but don't replace authentication and authorization requirements. Clients from allowed sources must still meet the authorization requirements of the storage account. To learn more about account authorization, see [Authorize access to data in Azure Storage](../common/authorize-data-access.md).
+> Clients that make requests from allowed sources must also meet the authorization requirements of the storage account. To learn more about account authorization, see [Authorize access to data in Azure Storage](../common/authorize-data-access.md).
 
 <a id="grant-access-from-a-virtual-network"></a>
 <a id="azure-storage-cross-region-service-endpoints"></a>