Network Isolation

What is Network Isolation?

Salem can be configured to support networking over Azure virtual private networks. This option allows organizations to logically add Salem to the internal network, enabling Salem to access resources without exposing those resources to the Internet.

Preparing for Network Isolation

If your organization anticipates taking advantage of this capability, it's important to plan before Salem is deployed.

Salem is deployed as an Azure Application into the consumer's Azure Subscription. This deployment creates a number of resources to support various aspects of Salem, including a Virtual Network.

The concept of Network Isolation in Salem is underpinned by the concept of Virtual Network peering in Azure. Meaning, you will peer the Salem virtual network to other existing virtual networks in your Azure environment. No two peered networks can be configured with overlapping or identical IP addresses.

This means when you deploy Salem, the Salem virtual network must be configured to use an IP address not in use by any other network in an organization's environment.

Size of the Salem Network IP Block

It is recommended to configure Salem with a /28 network IP Block. During deployment, this IP block will need to be translated into 4 smaller subnets, 3 of which will be in use by Salem.

See Microsoft Azure Documentation to answer any questions specific to Azure.