[Question] 02 Secure Development: Express Route coverage and reference architectures
Opened this issue · 0 comments
Stijnc commented
Could you elaborate on certain items in the secure development Express route documentation.
items include;
- not multiple nic's on ER connected VM's
- EnableIPForwarding flag not set to true
- Only resources of type Microsoft.Network/* must be added to the ER network
- no virtual network peerings on an ER connected vnet
- no other gateway type present
How do you position these recommendations (with High and Medium severity) against the existing reference architectures?
examples;
Thanks for the clarification.