Improved Correctness score

sreekzz · web-flow · commit 5dd771434a20 · 2024-05-23T19:17:31.000+05:30
diff --git a/articles/hdinsight/hdinsight-restrict-outbound-traffic.md b/articles/hdinsight/hdinsight-restrict-outbound-traffic.md
@@ -26,7 +26,7 @@ A summary of the steps to lock down egress from your existing HDInsight with Azu
 
 1. Create a subnet.
 1. Create a firewall.
-1. Add application rules to the firewall.
+1. `Add application` rules to the firewall.
 1. Add network rules to the firewall.
 1. Create a routing table.
 
@@ -66,7 +66,7 @@ Create an application rule collection that allows the cluster to send and receiv
 
     **Target FQDNs section**
 
-    | Name | Source addresses | Protocol:Port | Target FQDNS | Notes |
+    | Name | Source addresses | Protocol: Port | Target FQDNS | Notes |
     | --- | --- | --- | --- | --- |
     | Rule_2 | * | https:443 | login.windows.net | Allows Windows login activity |
     | Rule_3 | * | https:443 | login.microsoftonline.com | Allows Windows login activity |
@@ -81,9 +81,9 @@ Create an application rule collection that allows the cluster to send and receiv
 
 Create the network rules to correctly configure your HDInsight cluster. 
 
-1. Continuing from the prior step, navigate to **Network rule collection** > **+ Add network rule collection**.
+1. Continuing from the prior step, navigate to **Network rule collection** > `+ Add network rule collection`.
 
-1. On the **Add network rule collection** screen, provide the following information:
+1. On the `Add network rule collection` screen, provide the following information:
 
     **Top section**
 
@@ -97,7 +97,7 @@ Create the network rules to correctly configure your HDInsight cluster.
 
     | Name | Protocol | Source Addresses | Service Tags | Destination Ports | Notes |
     | --- | --- | --- | --- | --- | --- |
-    | Rule_6 | TCP | * | SQL | 1433 , 11000-11999 | If you are using the default sql servers provided by HDInsight, configure a network rule in the Service Tags section for SQL that will allow you to log and audit SQL traffic. Unless you configured Service Endpoints for SQL Server on the HDInsight subnet, which will bypass the firewall. If you are using custom SQL server for Ambari, Oozie, Ranger and Hive metastores then you only need to allow the traffic to your own custom SQL Servers. Refer to [Azure SQL Database and Azure Synapse Analytics connectivity architecture](/azure/azure-sql/database/connectivity-architecture) to see why 11000-11999 port range is also needed in addition to 1433. |
+    | Rule_6 | TCP | * | SQL | 1433, 11000-11999 | If you are using the default sql servers provided by HDInsight, configure a network rule in the Service Tags section for SQL that will allow you to log and audit SQL traffic. Unless you configured Service Endpoints for SQL Server on the HDInsight subnet, which will bypass the firewall. If you are using custom SQL server for Ambari, Oozie, Ranger and Hive metastore then you only need to allow the traffic to your own custom SQL Servers. Refer to [Azure SQL Database and Azure Synapse Analytics connectivity architecture](/azure/azure-sql/database/connectivity-architecture) to see why 11000-11999 port range is also needed in addition to 1433. |
     | Rule_7 | TCP | * | Azure Monitor | * | (optional) Customers who plan to use auto scale feature should add this rule. |
     
    :::image type="content" source="./media/hdinsight-restrict-outbound-traffic/hdinsight-restrict-outbound-traffic-add-network-rule-collection.png" alt-text="Title: Enter application rule collection.":::
