AZURE – Control Storage Access by Networks

We have a storage account, “StorageV2 (general purpose v2)” and its can be accessed initially from all networks. We now want to restrict the storage access to an approved network location.

How?

Click on the storage account > Firewalls and virtual networks and click “selected networks”

You can allow access from virtual networks or allow access through the firewall. Example below adds a Virtual network name and an external IP range. Then click Save.

Azure – Route Tables – How To Force Traffic Down A Specific Route

“Create a route table when you need to override Azure’s default routing.”

Why?

  • To force internet traffic via the on-prem network
  • Route via a NGFW (Next Generation Fire Wall)

Scenario Example, if I want to force all traffic via a proxy / NGFW (zScaler) for SSL inspection, Web security, Internet security etc, to control, monitor and protect your business the internet traffic. You could even go one step further and restrict access to approved IP’s or the Proxy / zScaler for Microsoft 365 or Azure access further.

How?

Create a route table > Add >

Set a name

Add route to your table and select the next hop

Example Route set