Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article helps you implement secure networking for AI workloads on Azure platform services. You need secure networking to protect sensitive AI models, ensure data privacy, and maintain compliance requirements. Proper network configuration controls access to Azure AI Foundry and Azure AI Services while optimizing performance for model training and deployment.
Use virtual networks
Virtual networks establish secure communication boundaries for AI services and prevent unauthorized access from public networks. Private endpoints eliminate public internet exposure while maintaining full service functionality and performance. You should use virtual networks with private endpoints to protect AI models, data, and services from external threats. Here's how:
Create private endpoints for all AI platform services. Private endpoints provide dedicated network interfaces within your virtual network that connect directly to Azure services. This configuration removes public internet exposure while maintaining full functionality and performance for your AI workloads. Use private link for Azure AI Foundry and apply the same restrictions to Azure AI services.
Deploy supporting services within the network boundary. Supporting services like Azure Storage, Azure Key Vault, and Azure Container Registry must operate within the same secure network boundary as your AI services. This configuration ensures consistent security posture across all components while maintaining proper access controls for your AI workload dependencies. Use private endpoints to connect these supporting services to your managed virtual networks as shown in the Baseline Azure AI Foundry chat reference architecture.
Control network traffic
Network traffic control defines how data flows between AI services and external systems. Proper traffic restrictions protect sensitive AI data and ensure secure operations. You must implement traffic controls to safeguard AI workloads and maintain operational security. Here's how:
Deploy secure access using jumpbox infrastructure. Jumpbox access provides a centralized entry point into your AI network environment while maintaining strict security boundaries. This configuration prevents direct exposure of AI resources to external networks while enabling secure access. Use a jumpbox within your AI workload virtual network or a connectivity hub virtual network, and configure Azure Bastion for secure RDP/SSH connectivity without exposing virtual machines to the public internet.
Restrict outbound traffic to approved destinations. Outbound traffic restrictions prevent unauthorized data exfiltration while allowing necessary communication for AI model training and inference. This approach protects AI models and training data while maintaining connectivity for legitimate operations. Limit outbound traffic to approved services and fully qualified domain names (FQDNs) as documented for Azure AI services and Azure AI Foundry.
Prepare domain name resolution services. Deploy Azure DNS infrastructure as part of your Azure landing zone and configure conditional forwarders for appropriate zones. This setup ensures reliable name resolution for secure communication between AI workloads and external systems.
Configure network access controls. Use network security groups (NSGs) to define and enforce access policies for inbound and outbound traffic. These controls implement the principle of least privilege, ensuring only essential communication is permitted.
Use network monitoring services. Monitor network performance and health using tools like Azure Monitor Network Insights and Azure Network Watcher. For advanced threat detection and response, integrate Microsoft Sentinel into your Azure network monitoring strategy.
Deploy Azure Firewall to secure outbound traffic. Azure Firewall enforces security policies for outgoing traffic before it reaches the internet. Use it to control and monitor outbound traffic, enable SNAT for private IP translation, and ensure secure and identifiable outbound communication.
Use Azure Web Application Firewall (WAF) for internet-facing workloads. Azure WAF protects AI workloads from common web vulnerabilities like SQL injections and cross-site scripting attacks. Configure Azure WAF on Application Gateway to enhance security for workloads exposed to malicious web traffic.
Azure resources
| Category | Tool | Description |
|---|---|---|
| Network isolation | Azure Virtual Network | Creates secure network boundaries and enables private communication between Azure resources |
| Private connectivity | Azure Private Link | Provides private access to Azure services over the Microsoft backbone network |
| Secure access | Azure Bastion | Delivers secure RDP/SSH connectivity without public IP exposure |
| DNS management | Azure Private DNS | Manages private DNS zones for secure name resolution within virtual networks |
| API gateway | Azure API Management | Centralizes API management and security for AI service endpoints |
| Web security | Azure Application Gateway | Provides secure HTTPS termination and web application firewall capabilities |
| Global delivery | Azure Front Door | Offers global load balancing and secure edge connectivity for AI applications |