Update network req for Purview-ADF lineage

linda33wj · linda33wj · commit 285e126187b7 · 2023-08-07T16:03:43.000+08:00
diff --git a/articles/data-factory/how-to-access-secured-purview-account.md b/articles/data-factory/how-to-access-secured-purview-account.md
@@ -6,7 +6,7 @@ author: jianleishen
 ms.service: data-factory
 ms.topic: conceptual
 ms.custom: [seo-lt-2019, references_regions]
-ms.date: 07/17/2023
+ms.date: 08/07/2023
 ---
 
 # Access a secured Microsoft Purview account from Azure Data Factory
@@ -15,13 +15,21 @@ This article describes how to access a secured Microsoft Purview account from Az
 
 ## Microsoft Purview private endpoint deployment scenarios
 
+Microsoft Purview provides different options of [firewall settings](/purview/catalog-firewall). Refer to the following pipeline lineage support matrix for each Data Factory integration runtime type. 
+
+| Microsoft Purview firewall settings | Azure integration runtime | Azure integration runtime with managed virtual network       | Self-hosted integration runtime                              |
+| ----------------------------------- | ------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
+| Enabled from all networks           | Supported                 | Supported                                                    | Supported                                                    |
+| Disabled for ingestion only         | Supported                 | Supported                                                    | Supported, ***ingestion*** private endpoints are required    |
+| Disabled from all networks          | Unsupported               | Supported, ***account*** and ***ingestion*** private endpoints are required | Supported, ***account*** and ***ingestion*** private endpoints are required |
+
 You can use [Azure private endpoints](../private-link/private-endpoint-overview.md) for your Microsoft Purview accounts to allow secure access from a virtual network (VNet) to the catalog over a Private Link. Microsoft Purview provides different types of private points for various access need: *account* private endpoint, *portal* private endpoint, and *ingestion* private endpoints. Learn more from [Microsoft Purview private endpoints conceptual overview](../purview/catalog-private-link.md#conceptual-overview). 
 
-If your Microsoft Purview account is protected by firewall and denies public access, make sure you follow below checklist to set up the private endpoints so Data Factory can successfully connect to Microsoft Purview. 
+When private endpoints are needed, make sure you follow below instruction to set them up so Data Factory can successfully connect to Microsoft Purview. If the integration runtime cannot connect to Purview, you will see lineage status as failed on the activity run monitoring, and may experience slight longer activity execution duration because the integration runtime tries to establish the connection and wait until the default timeout is hit.
 
-| Scenario                                                     | Required Microsoft Purview private endpoints                           |
+| Scenario                                                     | Required Microsoft Purview private endpoints                 |
 | ------------------------------------------------------------ | ------------------------------------------------------------ |
-| [Run pipeline and report lineage to Microsoft](tutorial-push-lineage-to-purview.md) | For Data Factory pipeline to push lineage to Microsoft, Microsoft Purview ***account*** and ***ingestion*** private endpoints are required. <br>- When using **Azure Integration Runtime**, follow the steps in [Managed private endpoints for Microsoft Purview](#managed-private-endpoints-for-microsoft-purview) section to create managed private endpoints in the Data Factory managed virtual network.<br>- When using **Self-hosted Integration Runtime**, follow the steps in [this section](../purview/catalog-private-link-end-to-end.md#option-2---enable-account-portal-and-ingestion-private-endpoint-on-existing-microsoft-purview-accounts) to create the *account* and *ingestion* private endpoints in your integration runtime's virtual network. |
+| [Run pipeline and report lineage to Microsoft](tutorial-push-lineage-to-purview.md) | For Data Factory pipeline to push lineage to Microsoft Purview: <br>- When using **Azure Integration Runtime**, follow the steps in [Managed private endpoints for Microsoft Purview](#managed-private-endpoints-for-microsoft-purview) section to create managed private endpoints in the Data Factory managed virtual network.<br>- When using **Self-hosted Integration Runtime**, follow the steps in [this section](../purview/catalog-private-link-end-to-end.md#option-2---enable-account-portal-and-ingestion-private-endpoint-on-existing-microsoft-purview-accounts) to create the ***account*** and ***ingestion*** private endpoints in your integration runtime's virtual network. |
 | [Discover and explore data using Microsoft on ADF UI](how-to-discover-explore-purview-data.md) | To use the search bar at the top center of Data Factory authoring UI to search for Microsoft Purview data and perform actions, you need to create Microsoft Purview ***account*** and ***portal*** private endpoints in the virtual network that you launch the Data Factory Studio. Follow the steps in [Enable *account* and *portal* private endpoint](../purview/catalog-private-link-account-portal.md#option-2---enable-account-and-portal-private-endpoint-on-existing-microsoft-purview-accounts). |
 
 ## Managed private endpoints for Microsoft Purview
