Skip to content

Commit 87e9e8e

Browse files
jisparjispar
committed
Added network isolation details
1 parent 7323ad3 commit 87e9e8e

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

articles/virtual-network/service-tags-overview.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,11 @@ ms.reviewer: kumud
1818
# Virtual network service tags
1919
<a name="network-service-tags"></a>
2020

21-
A service tag represents a group of IP address prefixes from a given Azure service. It helps to minimize the complexity of frequent updates to network security rules. You can use service tags to define network access controls on [network security groups](https://docs.microsoft.com/azure/virtual-network/security-overview#security-rules) or [Azure Firewall](https://docs.microsoft.com/azure/firewall/service-tags).
21+
A service tag represents a group of IP address prefixes from a given Azure service. Microsoft manages the address prefixes encompassed by the service tag and automatically updates the service tag as addresses change.
2222

23-
You can use service tags in place of specific IP addresses when you create security rules. By specifying the service tag name (for example, **ApiManagement**) in the appropriate *source* or *destination* field of a rule, you can allow or deny the traffic for the corresponding service. Microsoft manages the address prefixes encompassed by the service tag and automatically updates the service tag as addresses change.
23+
You can use service tags to achieve network isolation and protect your Azure resources from the general Internet while accessing Azure services that have public endpoints. Service tags also help to minimize the complexity of frequent updates to network security rules.
24+
25+
You can use service tags to define network access controls on [network security groups](https://docs.microsoft.com/azure/virtual-network/security-overview#security-rules) or [Azure Firewall](https://docs.microsoft.com/azure/firewall/service-tags). Use service tags in place of specific IP addresses when you create security rules. By specifying the service tag name (for example, **ApiManagement**) in the appropriate *source* or *destination* field of a rule, you can allow or deny the traffic for the corresponding service. 
2426

2527
## Available service tags
2628
The following table includes all the service tags available for use in [network security group](https://docs.microsoft.com/azure/virtual-network/security-overview#security-rules) rules.

0 commit comments

Comments
 (0)