Security and Horsepower with App Service: The New Isolated Offering

Sign in to queue

Description

You love App Service, but you need to run your apps securely inside of an Azure Virtual Network. Plus having a little (or a lot) more horsepower would be nice, too. Stefan Schackow joins Scott Hanselman for a whirlwind tour of the new Isolated App Service offering: D-Seriesv2 workers running App Service all inside the secure “moat” of your Azure virtual network.

For more information, see Introduction to App Service Environment.

Tag:

Azure

Embed

Download

The Discussion

  • User profile image
    Tom

    Will D series vms ever be available for regular app services?

  • User profile image
    Stefan

    @Tom: Yes - they are available now in Preview. See the following blog post for more info:
    https://azure.microsoft.com/en-us/blog/azure-app-service-premium-v2-in-public-preview/

  • User profile image
    Bill

    Can the VNET used for isolated app service be connected to an on-prem network via ExpressRoute? If so, does the VNET still require direct outbound access to Azure or is it OK to use a default route that directs all outbound traffic on-prem?

  • User profile image
    ccompy

    @Bill:Hi Bill, The VNet used to host an ASE can be connected to on premises using ExpressRoute but it still requires you to allow it to go direct to the internet. Read https://docs.microsoft.com/en-us/azure/app-service/app-service-environment/network-info for more information.  

    That said, we are about complete and public with an ability to let you add your own egress IPs to the ASE which could be your on premises gateways/NATs, etc.  The disclaimer to that is you need to keep latency in mind.  That is to say you do not want to send traffic to on premises across the ocean and back.   

Add Your 2 Cents