This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 6%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Is an ASE required for PCI SAQ A-EP compliance? or as long as the web application is correctly secured, simply using 'standard' Web Apps will provide the necessary network security required for compliance.
Our design would have Application Gateway in front of the Web Apps and the web application would use Azure SQL.
Thanks for your help
You would need an application gateway or other WAF component (e.g. an NVA with WAF features). You could also use containers/AKS