![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 72%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3END%3C/text%3E%3C/svg%3E)
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
656 questions
The way I recommend when a partner needs to access a resource within their environment is to use the Azure VPN Gateway. In Azure VPN Gateway, you can use site-to-site and point-to-site and limit resource access by allowing only the addresses of resources they need to access.
At least external access is encrypted.
Another way is to use the Azure firewall or an NVA to control traffic through a single point.
If you don't have the financial resources and can't spend, the way will be to use the NSG and allow and limit access by the source public IP, and you can better organize access using an ASG (Without cost).
Reference: https://video2.skills-academy.com/en-us/azure/virtual-network/application-security-groups
Get in touch if you need more help with this issue.
--please don't forget to "[Accept the answer]" if the reply is helpful