Merge pull request #104013 from dlepow/acrfix

[ACR] MCR firewall rules

Author: PRMerger20

articles/container-registry/container-registry-firewall-access-rules.md

@@ -2,7 +2,7 @@
 title: Firewall access rules
 description: Configure rules to access an Azure container registry from behind a firewall, by allowing access to ("whitelisting") REST API and storage endpoint domain names or service-specific IP address ranges.
 ms.topic: article
-ms.date: 07/17/2019
+ms.date: 02/11/2020
 ---
 
 # Configure rules to access an Azure container registry behind a firewall
@@ -111,6 +111,10 @@ In an Azure virtual network, use network security rules to filter traffic from a
 
 For example, create an outbound network security group rule with destination **AzureContainerRegistry** to allow traffic to an Azure container registry. To allow access to the service tag only in a specific region, specify the region in the following format: **AzureContainerRegistry**.[*region name*].
 
+## Configure client firewall rules for MCR
+
+If you need to access Microsoft Container Registry (MCR) from behind a firewall, see the guidance to configure [MCR client firewall rules](https://github.com/microsoft/containerregistry/blob/master/client-firewall-rules.md). MCR is the primary registry for all Microsoft-published docker images, such as Windows Server images.
+
 ## Next steps
 
 * Learn about [Azure best practices for network security](../security/fundamentals/network-best-practices.md)