You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-netapp-files/faq-security.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,19 +21,19 @@ NFSv3 protocol doesn't provide support for encryption, so this data-in-flight ca
21
21
22
22
## Can the storage be encrypted at rest?
23
23
24
-
All Azure NetApp Files volumes are encrypted using the FIPS 140-2 standard. All keys aremanaged by the Azure NetApp Files service.
24
+
All Azure NetApp Files volumes are encrypted using the FIPS 140-2 standard. Learn [how encryption keys managed](#how-are-encryption-keys-managed).
25
25
26
26
## Is Azure NetApp Files cross-region replication traffic encrypted?
27
27
28
28
Azure NetApp Files cross-region replication uses TLS 1.2 AES-256 GCM encryption to encrypt all data transferred between the source volume and destination volume. This encryption is in addition to the [Azure MACSec encryption](../security/fundamentals/encryption-overview.md) that is on by default for all Azure traffic, including Azure NetApp Files cross-region replication.
29
29
30
30
## How are encryption keys managed?
31
31
32
-
Key management for Azure NetApp Files is handled by the service. A unique XTS-AES-256 data encryption key is generated for each volume. An encryption key hierarchy is used to encrypt and protect all volume keys. These encryption keys are never displayed or reported in an unencrypted format. When you delete a volume, Azure NetApp Files immediately deletes the volume's encryption keys.
32
+
By default key management for Azure NetApp Files is handled by the service, using [platform-managed keys](../security/fundamentals/key-management.md). A unique XTS-AES-256 data encryption key is generated for each volume. An encryption key hierarchy is used to encrypt and protect all volume keys. These encryption keys are never displayed or reported in an unencrypted format. When you delete a volume, Azure NetApp Files immediately deletes the volume's encryption keys.
33
33
34
-
Customer-managed keys (Bring Your Own Key) using Azure Dedicated HSM is supported on a controlled basis. Support is currently available in the East US, South Central US, West US 2, and US Gov Virginia regions. You can request access at [[email protected]](mailto:[email protected]). As capacity becomes available, requests will be approved.
34
+
Alternatively, [customer-managed keys for Azure NetApp Files volume encryption](configure-customer-managed-keys.md) can be used where keys are stored in [Azure Key Vault](../key-vault/general/basic-concepts.md). With customer-managed keys, you can fully manage the relationship between a key's life cycle, key usage permissions, and auditing operations on keys.
35
35
36
-
[Customer-managed keys](configure-customer-managed-keys.md) are available with limited regional support.
36
+
Lastly, customer-managed keys using Azure Dedicated HSM is supported on a controlled basis. Support is currently available in the East US, South Central US, West US 2, and US Gov Virginia regions. You can request access at [[email protected]](mailto:[email protected]). As capacity becomes available, requests will be approved.
37
37
38
38
## Can I configure the NFS export policy rules to control access to the Azure NetApp Files service mount target?
Yes, Azure NetApp Files supports [Alternate Data Streams (ADS)](/openspecs/windows_protocols/ms-fscc/e2b19412-a925-4360-b009-86e3b8a020c8) by default on [SMB volumes](azure-netapp-files-create-volumes-smb.md) and [dual-protocol volumes configured with NTFS security style](create-volumes-dual-protocol.md#considerations) when accessed via SMB.
106
106
107
+
## What are SMB/CIFS `oplocks` and are they enabled on Azure NetApp Files volumes?
108
+
109
+
SMB/CIFS oplocks (opportunistic locks) enable the redirector on a SMB/CIFS client in certain file-sharing scenarios to perform client-side caching of read-ahead, write-behind, and lock information. A client can then work with a file (read or write it) without regularly reminding the server that it needs access to the file. This improves performance by reducing network traffic. SMB/CIFS oplocks are enabled on Azure NetApp Files SMB and dual-protocol volumes.
110
+
107
111
## Next steps
108
112
109
113
-[FAQs about SMB performance for Azure NetApp Files](azure-netapp-files-smb-performance.md)
Copy file name to clipboardExpand all lines: articles/cognitive-services/openai/how-to/monitoring.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ ms.service: cognitive-services
7
7
ms.subservice: openai
8
8
ms.topic: how-to
9
9
ms.custom: subject-monitoring
10
-
ms.date: 02/13/2023
10
+
ms.date: 03/15/2023
11
11
---
12
12
13
13
# Monitoring Azure OpenAI Service
@@ -18,7 +18,7 @@ This article describes the monitoring data generated by Azure OpenAI Service. Az
18
18
19
19
## Monitoring data
20
20
21
-
Azure OpenAI collects the same kinds of monitoring data as other Azure resources that are described in [Monitoring data from Azure resources](../../../azure-monitor/essentials/monitor-azure-resource.md#monitoring-data-from-Azure-resources).
21
+
Azure OpenAI collects the same kinds of monitoring data as other Azure resources that are described in [Monitoring data from Azure resources](../../../azure-monitor/essentials/monitor-azure-resource.md#monitoring-data).
22
22
23
23
## Collection and routing
24
24
@@ -111,7 +111,7 @@ Every organization's alerting needs are going to vary, and will also evolve over
111
111
112
112
Errors below certain thresholds can often be evaluated through regular analysis of data in Azure Monitor Logs. As you analyze your log data over time, you may also find that a certain condition not occurring for a long enough period of time might be valuable to track with alerts. Sometimes the absence of an event in a log is just as important a signal as an error.
113
113
114
-
Depending on what type of application you're developing in conjunction with your use of Azure OpenAI, [Azure Monitor Application Insights](../../../azure-monitor/overview.md#application-insights) may offer additional monitoring benefits at the application layer.
114
+
Depending on what type of application you're developing in conjunction with your use of Azure OpenAI, [Azure Monitor Application Insights](../../../azure-monitor/overview.md#insights-and-visualizations) may offer additional monitoring benefits at the application layer.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments