Implementing network security
In the previous section, Configuring access to resources, we discussed the fact that Data Explorer pools can be accessed directly through their public endpoints, without requiring users to connect to them via the Azure Synapse workspace. The implementation of a successful security strategy to protect Azure Synapse resources involves thinking about not only controlling access to your workspace but also how to protect access to each of these public endpoints. Thankfully, the platform offers some important features to help us achieve this objective.
Let’s take this chance to establish some key terminology that will help us understand how network isolation is implemented: