Update storage-network-security-perimeter.md

tjvishnu · web-flow · commit ae6da44ed29a · 2025-07-28T08:31:25.000-07:00
diff --git a/articles/storage/common/storage-network-security-perimeter.md b/articles/storage/common/storage-network-security-perimeter.md
@@ -19,7 +19,7 @@ You can find the list of services that are onboarded to the network security per
 
 ## Access Modes
 
-When onboarding storage accounts to a network security perimeter, you can start in Transition mode (formerly Learning mode) or go straight to [Enforced mode](../../private-link/network-security-perimeter-transition.md#access-mode-configuration-point-on-resource-associations). Transition mode (the default) allows the storage account to fall back to its existing firewall rules or ["trusted services"](https://learn.microsoft.com/azure/storage/common/storage-network-security?tabs=azure-portal#exceptions-for-trusted-azure-services) settings if a perimeter rule doesn’t yet permit a connection. Enforced mode strictly blocks all public inbound and outbound traffic unless explicitly allowed by a network security perimeter rule, ensuring maximum protection for your storage account. In enforced mode, even Azure’s "trusted service" exceptions aren't honored. Relevant Azure resources or specific subscriptions must be explicitly allowed via perimeter rules if needed.
+When onboarding storage accounts to a network security perimeter, you can start in Transition mode (formerly Learning mode) or go straight to [Enforced mode](../../private-link/network-security-perimeter-transition.md#access-mode-configuration-point-on-resource-associations). Transition mode (the default) allows the storage account to fall back to its existing firewall rules or ["trusted services"](../../storage/common/storage-network-security.md#exceptions-for-trusted-azure-services) settings if a perimeter rule doesn’t yet permit a connection. Enforced mode strictly blocks all public inbound and outbound traffic unless explicitly allowed by a network security perimeter rule, ensuring maximum protection for your storage account. In enforced mode, even Azure’s "trusted service" exceptions aren't honored. Relevant Azure resources or specific subscriptions must be explicitly allowed via perimeter rules if needed.
 
 > [!IMPORTANT]
 > Operating Storage accounts in **Transition (formerly Learning)** mode should serve only as a transitional step. Malicious actors may exploit unsecured resources to exfiltrate data. Therefore, it's crucial to transition to a fully secure configuration as soon as possible with the access mode set to **Enforced**.
