IP management in Azure with Private Endpoints or App Service Environment?

Michel Gagnon 20 Reputation points
2024-01-24T16:27:09.14+00:00

Hi, I am looking for help with Azure. I work for a company and we are trying to manage IP addresses in a subnet but not sure if we should go with a Private Endpoint or an App Service Environment. We have multiple subscriptions and resource groups. Our developers are using DevOps (Bifrost) to deploy functions in Azure and IPs have to be managed. I wonder if we should go with Private Endpoints or an App Service Environment. Since we have multiple resource groups involved in that project, I feel that Private Endpoints will be really expensive (could be up to 12 RG needed). Also, since we have resources in different subscriptions and different subnets, I assume that if we go with an ASE we will need to do some peering between the subnets in order to see or use resources from different subscriptions? If so, could peering between subnets create any weakness security-wise? Thanks!!


Accepted answer
  1. Ben Gimblett 4,560 Reputation points Microsoft Employee
    2024-01-25T14:27:13.2633333+00:00

    Hi - Thanks for the question Michel

    So firstly some differences between ASEv3 (you need the v3 version) and regular App Service Plans

    * Probably the number one difference is turn-key networking - you deploy into a given subnet (ensure you read the doc to size it correctly) and there's no proliferation of subnets as we find today in GA app service (one for private endpoints, one per plan for regional vnet integration).
    On that last point, note there's a preview now on regular plans to remove the 1:1 limit for regional vnet integration so this will improve

    * ASE is "single tenant" - so, if you have a workload to host where you need to meet compliance or will be audited for compliance then ASE is often the way to go. Limited/to no shared resources

    * ASE scales to 200 overall and 100 instances per plan. So scale out is very good

    * ASE offers a huge choice of larger machines for scale-up where you need lots of cores/RAM on the Iv2 plans (Isolated v2)

    * ASE does take a fair amount of time to provision (can be around 4 hours) and it doesn't scale out and scale back as quickly as a regular ASP plan (if rapid scale out is required, ASE may not be suitable)

    * Cost wise, ASEv3 is roughly on a par with standalone Premium App Service Plans BUT if you go for Availability zone support there's a min standing charge of 9 (3x3) of the lowest scale instance. However, if you intend to run an ASE chances are you will have more than 3 plans and each plan would anyway need to have min 3 instances to be zone resilient. That's covered in more detail in the docs. There is a charge for private endpoints yes, but you also need to be cognizant of bandwidth charges too (whether you use private endpoints or not)

    It is possible (but only via template deployment) to deploy ASE in one subscription and a plan(s) for the ASE from another. However the same network/region is required for all.

    On the other hand if you go for non ASE then you will (in GA terms) need a subnet for private endpoints - and a subnet per plan for regional vnet integration (for outbound traffic into your vnet - if you need it)

    There is no great security risk in peering VNETs - but this does need to be planned out. There's some great advice in the Enterprise Landing Zone Guidance

    So overall I would say networking is a factor - but there's much more that you need to consider before making a choice

    1 person found this answer helpful.
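The "non ASE" layout the accepted answer describes (a shared subnet for private endpoints plus one delegated subnet per plan for regional vnet integration) as an added Bicep example; this is not code from the thread or from Microsoft, and the resource names, address ranges, plan SKU and function app name are assumptions. The function app's storage account settings are left out to keep the example focused on the subnet split.

```bicep
// Added example (not from this thread). Names, ranges and the SKU are assumed;
// the function app's storage settings are omitted to keep the focus on networking.
param location string = resourceGroup().location
param appName string = 'func-example'
resource vnet 'Microsoft.Network/virtualNetworks@2023-05-01' = {
  name: 'vnet-example'
  location: location
  properties: {
    addressSpace: { addressPrefixes: [ '10.10.0.0/16' ] }
    subnets: [
      {
        name: 'snet-pe'   // inbound: every private endpoint NIC lands here, shared by all apps
        properties: { addressPrefix: '10.10.1.0/24' }
      }
      {
        name: 'snet-plan1-int'   // outbound: one delegated subnet per plan (GA 1:1 limit)
        properties: {
          addressPrefix: '10.10.2.0/24'
          delegations: [ { name: 'web', properties: { serviceName: 'Microsoft.Web/serverFarms' } } ]
        }
      }
    ]
  }
}
resource plan 'Microsoft.Web/serverfarms@2022-09-01' = {
  name: 'plan1'
  location: location
  sku: { name: 'P1v3', tier: 'PremiumV3' }   // assumed SKU; regional vnet integration needs a Premium tier
}
resource app 'Microsoft.Web/sites@2022-09-01' = {
  name: appName
  location: location
  kind: 'functionapp'
  properties: {
    serverFarmId: plan.id
    virtualNetworkSubnetId: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet.name, 'snet-plan1-int')
    publicNetworkAccess: 'Disabled'   // inbound only via the private endpoint below
  }
}
resource pe 'Microsoft.Network/privateEndpoints@2023-05-01' = {
  name: 'pe-${appName}'
  location: location
  properties: {
    subnet: { id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet.name, 'snet-pe') }
    privateLinkServiceConnections: [
      { name: 'pls', properties: { privateLinkServiceId: app.id, groupIds: [ 'sites' ] } }
    ]
  }
}
```

Each additional plan needs its own delegated integration subnet, which is the subnet proliferation the answer contrasts with ASEv3; clients also need a private DNS zone (privatelink.azurewebsites.net) linked to the vnet, otherwise the app's hostname still resolves to the public address.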
