Committed reviewer comments

Author: Igor Pagliai

articles/firewall-manager/secure-cloud-network-powershell.md

@@ -22,7 +22,7 @@ In this tutorial, you learn how to:
 > * Test connectivity
 
 > [!IMPORTANT]
-> Virtual WAN is a collection of hubs and services made available inside the hub. The user can have as many Virtual WAN per their need. In a Virtual WAN hub, there are multiple services like VPN, ExpressRoute etc. Each of these services is automatically deployed across **Availability Zones** *except* Azure Firewall, if the region supports Availability Zones. To upgrade an existing Azure Virtual WAN Hub to Secure Hub and have the Azure Firewall leveraging Availability Zones, PowerShell code must be used, as described in this article, see section below. 
+> A Virtual WAN is a collection of hubs and services made available inside the hub. You can deploy as many Virtual WANs that you need. In a Virtual WAN hub, there are multiple services such as VPN, ExpressRoute, and so on. Each of these services is automatically deployed across **Availability Zones** *except* Azure Firewall, if the region supports Availability Zones. To upgrade an existing Azure Virtual WAN Hub to a Secure Hub and have the Azure Firewall use Availability Zones, you must use Azure PowerShell, as described later in this article.
 
 ## Prerequisites
 
@@ -32,7 +32,7 @@ In this tutorial, you learn how to:
 
    This tutorial requires that you run Azure PowerShell locally on PowerShell 7. To install PowerShell 7, see [Migrating from Windows PowerShell 5.1 to PowerShell 7](/powershell/scripting/install/migrating-from-windows-powershell-51-to-powershell-7?view=powershell-7&preserve-view=true).
 
-- "Az.Network" module version must be 4.17.0 or higher. 
+- "Az.Network" module version must be 4.17.0 or higher.
 
 ## Sign in to Azure
 
@@ -86,7 +86,7 @@ $AzFW = New-AzFirewall -Name "azfw1" -ResourceGroupName $RG -Location $Location
 ```
 
 > [!NOTE]
-> The Firewall creation command below will **not** use Availability Zones. If you want to leverage this feature, an additional parameter **-Zone** is required. An example is provided in the upgrade section at the end of this article. 
+> The following Firewall creation command does **not** use Availability Zones. If you want to use this feature, an additional parameter **-Zone** is required. An example is provided in the upgrade section at the end of this article.
 
 Enabling logging from the Azure Firewall to Azure Monitor is optional, but in this example you use the Firewall logs to prove that traffic is traversing the firewall:
 
@@ -285,9 +285,9 @@ Remove-AzResourceGroup -Name $RG
 
 ## Upgrade an existing Hub with Availability Zones
 
-The procedure described above will permit a user to create a brand **new** Azure Virtual WAN Hub, and then immediately convert to a Secured Hub deploying Azure Firewall using a PowerShell script. 
-A similar approach can be applied to an **existing** Azure Virtual WAN Hub: Firewall Manager can be also used for the conversion, but will not be possible to deploy Azure Firewall across Availability Zones without a script-based approach. 
-The code snippet required to convert an existing Azure Virtual WAN Hub to a Secured Hub, using an Azure Firewall deployed across all three Availability Zones, is reported below: 
+The previous procedure uses Azure PowerShell to create a **new** Azure Virtual WAN Hub, and then immediately converts it to a Secured Hub using Azure Firewall.
+A similar approach can be applied to an **existing** Azure Virtual WAN Hub. Firewall Manager can be also used for the conversion, but it isn't possible to deploy Azure Firewall across Availability Zones without a script-based approach.
+You can use the following code snippet to convert an existing Azure Virtual WAN Hub to a Secured Hub, using an Azure Firewall deployed across all three Availability Zones.  
 
 ```azurepowershell
 # Variable definition
@@ -317,11 +317,11 @@ $AzFW = New-AzFirewall -Name $FirewallName -ResourceGroupName $RG -Location $Loc
             -SkuTier $FirewallTier `
             -Zone 1,2,3 
 ```
-Once executed the script above, Availability Zones should appear in the secured hub properties as shown in the screenshot below:
+After you run this script, Availability Zones should appear in the secured hub properties as shown in the following screenshot:
 
 :::image type="content" source="./media/secure-cloud-network/vwan-firewall-hub-az-correct7.png" alt-text="Screenshot of Secured virtual hub availability zones" lightbox="./media/secure-cloud-network/vwan-firewall-hub-az-correct7.png":::
 
-Once the Azure Firewall instance will be deployed, configuration procedure must be completed as described in the section *Deploy Azure Firewall and configure custom routing* above.
+After the Azure Firewall is deployed, a configuration procedure must be completed as described in the previous *Deploy Azure Firewall and configure custom routing* section.
 
 ## Next steps