Share via

when we need to use App Service Environment and when it's possible to use App Service public multitenant?

Amira Ben Aissia 0 Reputation points
2025-05-24T14:33:46.33+00:00

any use case please ? or a link /training for help ?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,959 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. hossein jalilian 11,055 Reputation points Volunteer Moderator
    2025-05-24T20:14:42.7133333+00:00

    Thanks for posting your question in the Microsoft Q&A forum.

    Use ASE when your application requires:

    • High Security and Isolation
    • Network Access Control
    • High Scale and Performance
    • Custom Domain and Certificate Requirements
    • Internal Line-of-Business Applications

    Use the public multitenant App Service when:

    • Standard Security and Compliance Are Sufficient
    • Cost Efficiency
    • Fast Scaling
    • General Web and API Hosting

    Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful

    0 comments
  2. Bhargavi Naragani 5,975 Reputation points Microsoft External Staff Moderator
    2025-05-26T05:14:02.1966667+00:00

    Hi @Amira Ben Aissia,

    Choosing between App Service Environment (ASE) and the public multitenant App Service depends primarily on networking, security, scaling, and compliance needs.

    Use Azure App Service (Public Multitenant) When:

    • You're building typical web apps, APIs, or mobile backends and want a fully managed, cost-effective solution.
    • You don't require isolation at the network level; the app can run in a shared hosting environment securely.
    • Your application can communicate securely over public internet (with TLS/SSL) and doesn’t need private VNet access.
    • You need fast setup and scaling for web workloads with minimal complexity.
    • You're hosting apps that meet general security/compliance needs without needing network traffic restrictions.
    • Your goal is cost optimization; this is much cheaper than ASE.

    Reference:
    Azure App Service Plans – Overview
    Networking features in App Service

    Use App Service Environment (ASE v3) When:

    • You need full network isolation for your apps, all traffic in and out should flow entirely through your Azure Virtual Network (VNet).
    • You must restrict inbound or outbound traffic (e.g., allow only certain IP ranges or connect securely to on-premises networks).
    • You're working in highly regulated industries (e.g., financial services, healthcare, government) requiring dedicated environments and advanced compliance.
    • You need internal load-balanced endpoints (e.g., internal apps not exposed to the public internet).
    • You expect to host a large number of high-scale apps and want dedicated compute and isolation.
    • You need custom domain names with private IPs, or integration with Azure ILB.

    Reference:
    What is App Service Environment v3

    Difference between App Service Environment (ASE) and the public multitenant App Service:

    Feature Public Multitenant App Service App Service Environment (ASE)
    Cost Lower Higher (Dedicated)
    VNet Integration Partial (via Regional VNet Integration or Private Endpoints) Full (injected into your VNet)
    Isolation Shared Full network and compute isolation
    Scalability High Very High (with dedicated infra)
    Compliance/Security Standard Enterprise-grade
    Inbound Traffic Control No (only via IP restrictions) Yes (NSGs, firewalls, ILB apps)
    Internal apps only (no internet access) Not possible Fully supported

    If the answer is helpful, please click Accept Answer and kindly upvote it so that other people who faces similar issue may get benefitted from it.

    Let me know if you have any further Queries.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.