Azure App Service migration assistant​ and Migration to Azure VDI security

Question

Hello everyone,

Ive been studying some migration tools, that provided by Azure and i have doubts about the security of Azure App Service migration assistant​ and Migration to Azure VDI.

Ive seen the migration of VM's are incrypted by Migration appliance but i couldnt if Azure App Service migration assistant​ and Migration to Azure VDI encryipt traffic
in transit to Azure.

Can someone explain to me if those services encryipt the traffic or if i need to perform some configurations to guarantee this extra layer of security.

Thanks in advance :)

Answer 1

Hi @Andre Bruges ,

Apologies for the delayed response. In general, Azure offers many mechanisms for keeping data private as it moves from one location to another. Azure App Service applications support both non-encrypted HTTP requests, and encrypted HTTPS requests.

Based on this Azure encryption overview documentation :

"Whenever Azure Customer traffic moves between datacenters-- outside physical boundaries not controlled by Microsoft (or on behalf of Microsoft)-- a data-link layer encryption method using the IEEE 802.1AE MAC Security Standards (also known as MACsec) is applied from point-to-point across the underlying network hardware. The packets are encrypted and decrypted on the devices before being sent, preventing physical “man-in-the-middle” or snooping/wiretapping attacks. Because this technology is integrated on the network hardware itself, it provides line rate encryption on the network hardware with no measurable link latency increase. This MACsec encryption is on by default for all Azure traffic traveling within a region or between regions, and no action is required on customers’ part to enable."

To learn more please read these documents:
Azure security baseline for Windows Virtual Desktop
Security best practices

Hope that helps. Please let us know if you have further questions

Thanks,
Grace