Skip to content

Commit cdd0378

Browse files
committed
Feedback
1 parent ceb55fd commit cdd0378

File tree

4 files changed

+15
-5
lines changed

4 files changed

+15
-5
lines changed

azure-local/concepts/sdn-overview.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ With SDN enabled by Azure Arc, you create and apply network security groups (NSG
3030

3131
You can also manage SDN with on-premises tools like Windows Admin Center or SDN Express scripts. This approach is available for Windows Server and Azure Local 2311.2 or later. This method uses three main SDN components, and you choose which to deploy: Network Controller, Software Load Balancer (SLB), and Gateway. For more information, see [SDN managed by on-premises tools](../concepts/software-defined-networking-23h2.md).
3232

33+
## Important considerations
34+
35+
<insert table>
3336

3437
## Comparison summary of SDN management
3538

azure-local/deploy/enable-sdn-integration.md

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -47,12 +47,13 @@ Here's an architecture diagram of Network Controller in a 2-node Azure Local ins
4747
## Considerations for SDN enabled by Arc
4848

4949
> [!IMPORTANT]
50-
> - SDN enabled by Arc is a preview feature.
51-
> - Once you enable SDN, you can't roll back or disable.
50+
> - SDN enabled by Arc is a preview feature. Once you enable SDN, you can't roll back or disable.
51+
> - If you are already running Network controller on your Azure Local cluster that was deployed using on-premises tools you MUST NOT attempt to run this method.
52+
> - The only VMs that are in scope for using NSGs with this feature are Azure Local VMs. These are VMs that were deployed from Azure client interfaces (Azure CLI, Azure Portal, ARM). DO NOT use an Azure Local VM in conjunction with an NSG that is managed and applied from on-premises tools!
5253
53-
Consider this information before you enable SDN:
5454

55-
- SDN enabled by Arc is supported with updates to newer Azure Local releases.
55+
For your existing Azure Local instances:
56+
5657
- Enabling SDN with existing Azure Local VMs and logical networks is supported.
5758
- The logical networks and network interfaces are automatically hydrated into the Network Controller.
5859
- Make sure to plan for a maintenance window if you're running on a production environment. Your workloads experience a short network disruption while SDN Azure Virtual Filtering Platform policies are applied.

azure-local/manage/create-network-security-groups.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ Use a network security group to manage network traffic between logical networks
2525
- Source and destination IP addresses.
2626
- Port numbers.
2727
- Protocols (TCP/UDP).
28+
- Direction (inbound or outbound).
2829

2930
Here is a diagram that shows how network security groups are attached to logical networks and VM network interfaces on Azure Local:
3031

@@ -49,6 +50,9 @@ The diagram shows a network setup with two logical networks:
4950

5051
In this example, the NSG controls traffic flow between logical networks A and B, and between VM Web and VM SQL. You can apply the NSG to each logical network or network interface to enforce specific security rules. For example, logical network B might allow only traffic over SQL port 1433 from logical network A.
5152

53+
> [!NOTE]
54+
> - The only VMs that are in scope for using NSGs with this feature are Azure Local VMs. These are VMs that were deployed from Azure client interfaces (Azure CLI, Azure Portal, ARM). DO NOT use an Azure Local VM in conjunction with an NSG that is managed and applied from on-premises tools!
55+
5256
## Prerequisites
5357

5458
# [Azure CLI](#tab/azurecli)

azure-local/manage/manage-network-security-groups.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ ms.service: azure-local
1414

1515
This article describes how to manage network security groups (NSGs) on your Azure Local virtual machines (VMs) enabled by Azure Arc. Once you create network security groups on your Azure Local VMs, you can then list, show details, associate, dissociate, update, and delete these resources.
1616

17+
*The only VMs that are in scope for using NSGs with this feature are Azure Local VMs. These are VMs that were deployed from Azure client interfaces (Azure CLI, Azure Portal, ARM). Do not use an Azure Local VM in conjunction with an NSG that is managed and applied from on-premises tools!*
18+
1719
[!INCLUDE [important](../includes/hci-preview.md)]
1820

1921

@@ -41,7 +43,7 @@ This article describes how to manage network security groups (NSGs) on your Azur
4143

4244
---
4345

44-
## Manage network security groups and network security rules
46+
*## Manage network securi*ty groups and network security rules
4547

4648
# [Azure CLI](#tab/azurecli)
4749

0 commit comments

Comments
 (0)