Leverage network isolation feature


Some of the functionality described in this release plan has not been released. Delivery timelines may change and projected functionality may not be released (see Microsoft policy). Learn more: What's new and planned

Enabled for Public preview General availability
Admins, makers, marketers, or analysts, automatically Oct 2023 -

Business value

With this feature, customers can enhance their risk mitigation approach by allowing Microsoft Dataverse plug-ins to connect to private, endpoint-enabled resources in Azure or resources within their network.

Feature details

Outbound interactions between Dataverse and a customer's on-premises deployments or private, endpoint-enabled Azure resources now use the Microsoft Azure backbone, instead of the public internet.

This feature applies to Power Platform services onboarded to subnet delegation starting with connections from customer plug-ins. The IT administrator can establish a network, enterprise policy for outbound connections from Dataverse plug-ins and link their VNet or subnet with their Power Platform environment to route plug-in, outbound traffic securely through the Azure backbone.

This feature will initially be released with a programmatic interface. However, a graphical user interface to configure the feature is planned for the future.

For more information, go to What is subnet delegation?. Subnet delegation helps you mitigate data exfiltration risks both from insider and external threats and provides security compliance by enforcing traffic to travel through virtual, private networks. It also helps you gain more control of data from subnet-delegated, Power Platform services.