edits

Author: v-stsavell

articles/reliability/reliability-virtual-network.md

@@ -6,8 +6,9 @@ ms.author: allensu
 ms.topic: reliability-article
 ms.custom: subject-reliability
 ms.service: azure-virtual-network
-ms.date: 05/20/2025s
+ms.date: 05/20/2025
 #Customer intent: As an engineer responsible for business continuity, I want to understand who needs to understand the details of how Azure Virtual Network works from a reliability perspective and plan disaster recovery strategies in alignment with the exact processes that Azure services follow during different kinds of situations.
+
 ---
 
 # Reliability in Azure Virtual Network
@@ -16,37 +17,37 @@ This article describes reliability support in Azure Virtual Network, covering in
 
 [!INCLUDE [Shared responsibility description](includes/reliability-shared-responsibility-include.md)]
 
-A virtual network is a logical representation of your network in the cloud. You can use a virtual network to define your own private IP address space and segment the network into subnets. Virtual networks serve as a trust boundary to host your compute resources such as Azure Virtual Machines and load balancers. A virtual network allows direct private IP communication between the resources that are hosted in it. To enable hybrid cloud scenarios and securely extend your datacenter into Azure, you can link a virtual network to an on-premises network through a VPN Gateway or Azure ExpressRoute. 
+A virtual network is a logical representation of your network in the cloud. You can use a virtual network to define your own private IP address space and segment the network into subnets. Virtual networks serve as a trust boundary to host your compute resources such as Azure Virtual Machines and load balancers. A virtual network enables direct private IP communication between the resources that it hosts. To enable hybrid cloud scenarios and securely extend your datacenter into Azure, you can link a virtual network to an on-premises network through a VPN Gateway or Azure ExpressRoute. 
 
 ## Production deployment recommendations
 
 As you build your virtual network in Azure, it's important to improve the reliability of your solution by keeping in mind the following universal design principles:
 
-- Ensure that address spaces don't overlap. Ensure that your virtual network address space (classless inter-domain routing block) doesn't overlap with your organization's other network ranges.
+- **Avoid overlapping address spaces.** Ensure that your virtual network address space, defined as a classless inter-domain routing block, doesn't overlap with your organization's other network ranges.
 
-- Your subnets shouldn't cover the entire address space of the virtual network. Plan ahead and reserve some address space for the future.
+- **Reserve address space for future growth.** Your subnets shouldn't cover the entire address space of the virtual network. Plan ahead and reserve some address space for the future.
 
-- To reduce management overhead, use a few large virtual networks instead of multiple small ones.
+- **Consolidate your networks.** To reduce management overhead, use a few large virtual networks instead of multiple small virtual networks.
 
-- Secure your virtual networks by assigning network security groups (NSGs) to the subnets beneath them.
+- **Secure your networks.** Secure your virtual networks by assigning network security groups (NSGs) to the subnets beneath them.
 
 For more information about how to design your Azure virtual network with reliability principles in mind, see [Architecture best practices for Virtual Network](/azure/well-architected/service-guides/virtual-network).
 
 ## Reliability architecture overview
 
-A virtual network is one of several core networking components in Azure. When you create a virtual network, you create a set of resources that collectively define your networking configuration. These resources include:
+A virtual network is one of several core networking components in Azure. When you create a virtual network, you create a set of resources that collectively define your networking configuration. These resources include the following network components:
 
-- NSGs and application security groups, which restrict communication between parts of your network.
+- NSGs and application security groups, which restrict communication between parts of your network
 
-- User-defined routes, which control how traffic flows.
+- User-defined routes, which control how traffic flows
 
-- Load balancers, which distribute traffic within your network.
+- Load balancers, which distribute traffic within your network
 
-- Public IP addresses, which provide connectivity to and from the internet.
+- Public IP addresses, which provide connectivity to and from the internet
 
-- Network interface cards, which provide network connectivity to Azure virtual machines (VMs).
+- Network interface cards, which provide network connectivity to Azure virtual machines (VMs)
 
-- Private endpoints, which provide private connectivity to Azure services and to resources outside of your own virtual network.
+- Private endpoints, which provide private connectivity to Azure services and to resources outside of your own virtual network
 
 You might also deploy *appliances*, such as ExpressRoute gateways, VPN gateways, and firewalls. Appliances provide services to support your networking requirements, such as connecting to on-premises environments or providing sophisticated controls on traffic flow.
 
@@ -63,7 +64,7 @@ For more information about networking in Azure, see [Networking architecture des
 
 [!INCLUDE [Transient fault description](includes/reliability-transient-fault-description-include.md)]
 
-Transient faults don't usually affect virtual networks. However, transient faults might affect resources deployed within a virtual network. For more information about transient fault handling behaviors, see [Azure service reliability guides](./overview-reliability-guidance.md).
+Transient faults don't usually affect virtual networks. However, transient faults might affect resources deployed within a virtual network. Review the [reliability guide for each resource](./overview-reliability-guidance.md) that you use to understand their transient fault handling behaviors.
 
 ## Availability zone support
 
@@ -75,7 +76,7 @@ You don't need to divide your virtual networks or subnets by availability zones
 
 ### Region support
 
-Zone-redundant virtual networks can be deployed in [any region that supports availability zones](./regions-list.md).
+Zone-redundant virtual networks can be deployed in any [region that supports availability zones](./regions-list.md).
 
 ### Cost
 
@@ -89,13 +90,13 @@ Zone redundancy is configured automatically when a virtual network is deployed i
 
 Azure virtual networks are designed to be resilient to zone failures. When a zone becomes unavailable, Virtual Network automatically reroutes virtual network requests to the remaining zones. This process is seamless and doesn't require any action from you.
 
-However, any resources within the virtual network need to be considered individually, because each resource might have a different set of behaviors during the loss of an availability zone. Consult the [reliability guide for each resource](./overview-reliability-guidance.md) that you use to understand their availability zone support and behavior when a zone is unavailable.
+However, any resources within the virtual network need to be considered individually, because each resource might have a different set of behaviors during the loss of an availability zone. Review the [reliability guide for each resource](./overview-reliability-guidance.md) that you use to understand their availability zone support and behavior when a zone is unavailable.
 
 ### Failback
 
 When the zone recovers, Microsoft initiates a failback process to ensure that virtual networks continue to work in the recovered zone. The failback process is automatic and doesn't require any action from you.
 
-However, you should verify the failback behaviors of any resources you deploy within the virtual network. For more information, see the [reliability guide for each resource](./overview-reliability-guidance.md).
+However, you should verify the failback behaviors of any resources that you deploy within the virtual network. For more information, see the [reliability guide for each resource](./overview-reliability-guidance.md).
 
 ### Testing for zone failures
 
@@ -109,23 +110,23 @@ Virtual Network is a single-region service. If the region becomes unavailable, y
 
 You can create virtual networks in multiple regions. You can also choose to connect those networks by *peering* them together.
 
-By creating virtual networks and other resources in multiple regions, you can be resilient to regional outages. However, you need to consider many factors, including:
+By creating virtual networks and other resources in multiple regions, you can be resilient to regional outages. However, you need to consider the following factors:
 
 - **Traffic routing:** If you host internet-facing services in the virtual network, you need to decide how to route incoming traffic among your regions and components. With services such as Azure Traffic Manager and Azure Front Door, you can route internet traffic based on rules you specify.
 
-- **Failover:** If an Azure region is unavailable, you typically need to *fail over* by processing traffic in healthy regions. Azure Traffic Manager and Azure Front Door provide failover capabilities for internet applications.      
+- **Failover:** If an Azure region is unavailable, you typically need to *fail over* by processing traffic in healthy regions. Traffic Manager and Azure Front Door provide failover capabilities for internet applications.      
 
 - **Management:** Each virtual network is a separate resource and needs to be configured and managed independently from other virtual networks.
 
-- **IP address space:** You need to decide how to allocate IP addresses when you create multiple virtual networks. You can create multiple virtual networks using the same private IP address space in different regions. However, you can't peer (connect) two virtual networks with the same address space to your on-premises network, as it would cause routing issues. If you plan to create a multi-network design, IP address planning is an important consideration.
+- **IP address space:** Determine how to allocate IP addresses when you create multiple virtual networks. You can create multiple virtual networks by using the same private IP address space in different regions. However, you can't peer, or connect, two virtual networks with the same address space to your on-premises network because it would cause routing issues. If you plan to create a multi-network design, IP address planning is an important consideration.
 
-Virtual networks are fairly lightweight resources. You can invoke Azure APIs to create a virtual network with the same address space in a different region. However, to recreate the same environment that was present in the affected region, you must redeploy the VMs and other resources. If you have on-premises connectivity, such as in a hybrid deployment, you have to deploy a new VPN Gateway, and connect to your on-premises network.
+Virtual networks don't require a lot of resources to run. You can invoke Azure APIs to create a virtual network with the same address space in a different region. However, to recreate the same environment that was present in the affected region, you must redeploy the VMs and other resources. If you have on-premises connectivity, such as in a hybrid deployment, you have to deploy a new VPN Gateway and connect to your on-premises network.
 
 For more information about a multi-region networking architecture for web applications, see [Multi-region load balancing with Traffic Manager, Azure Firewall, and Application Gateway](/azure/architecture/high-availability/reference-architecture-traffic-manager-application-gateway).
 
 ## Backups
 
-Azure virtual networks don't store any data that would require backup. However, you can use Bicep, Azure Resource Manager templates, or Terraform to take a snapshot of the configuration of a virtual network if you need to recreate it. To learn more, see [Quickstart: Create an Azure virtual network](../virtual-network/quickstart-create-virtual-network.md).
+Azure virtual networks don't store any data that requires backup. However, you can use Bicep, Azure Resource Manager templates, or Terraform to take a snapshot of the configuration of a virtual network if you need to recreate it. For more information, see [Quickstart: Create an Azure virtual network](../virtual-network/quickstart-create-virtual-network.md).
 
 ## Service-level agreement
 
@@ -134,4 +135,3 @@ Because of the nature of the service provided, there isn't a defined service-lev
 ## Related content
 
 [Availability zones](availability-zones-overview.md)
-