I have a front end MVC application in a web role, protected by WIF and ACS, which I would like to be my Azure application's only exposed surface. It connects to a number of
A service represents an isolation boundary; unless you declare an endpoint as an "input" endpoint, it cannot be accessed from outside this isolation boundary. The implementation of this boundary is a private network branch with no addressability to other branches.
Keep in mind that internal endpoints are not load balanced. So there is a trade-off. I wrote some stuff up on endpoints a while back that might help consolidate things a bit.
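As an added illustration (not part of the answer above, and not the asker's project code), here is how the two endpoint kinds look in a cloud service definition, together with the client-side consequence of an internal endpoint not being load balanced: the web role has to enumerate the worker instances and pick one itself. The role names `FrontEnd` and `BackEnd`, the endpoint name `BackEndTcp` and port 8080 are assumptions for the example; the `RoleEnvironment` API is the one in `Microsoft.WindowsAzure.ServiceRuntime`.

```csharp
// Added example, not code from the original page. Role and endpoint names are
// assumptions chosen for illustration.
//
// ServiceDefinition.csdef (fragment):
//   <WebRole name="FrontEnd">
//     <Endpoints>
//       <!-- The only endpoint reachable from the internet; it is load balanced. -->
//       <InputEndpoint name="HttpIn" protocol="http" port="80" />
//     </Endpoints>
//   </WebRole>
//   <WorkerRole name="BackEnd">
//     <Endpoints>
//       <!-- Reachable only from other instances of this deployment: no public
//            address and no load balancer in front of it. -->
//       <InternalEndpoint name="BackEndTcp" protocol="tcp" port="8080" />
//     </Endpoints>
//   </WorkerRole>

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Threading;
using Microsoft.WindowsAzure.ServiceRuntime;

public static class BackEndLocator
{
    // An internal endpoint is not load balanced, so the caller sees one
    // address per running instance and must choose among them.
    public static IList<IPEndPoint> GetBackEndEndpoints(string roleName = "BackEnd",
                                                        string endpointName = "BackEndTcp")
    {
        if (!RoleEnvironment.IsAvailable)
            throw new InvalidOperationException("Not running inside an Azure role.");

        Role role;
        if (!RoleEnvironment.Roles.TryGetValue(roleName, out role))
            throw new InvalidOperationException("Role not found: " + roleName);

        return role.Instances
            .Where(i => i.InstanceEndpoints.ContainsKey(endpointName))
            .Select(i => i.InstanceEndpoints[endpointName].IPEndpoint)
            .ToList();
    }

    // Client-side round robin over the current instance list. A production
    // client would also skip instances that fail to connect and refresh the
    // list on RoleEnvironment.Changed, because instances are added and removed.
    private static int _next;

    public static IPEndPoint PickBackEnd()
    {
        var all = GetBackEndEndpoints();
        if (all.Count == 0)
            throw new InvalidOperationException("No BackEnd instance exposes BackEndTcp.");

        // Unsigned arithmetic keeps the index valid after the counter wraps.
        int idx = (int)((uint)Interlocked.Increment(ref _next) % (uint)all.Count);
        return all[idx];
    }
}
```

The point of the example is the asymmetry the answer describes: traffic to `HttpIn` is distributed by the platform, while traffic to `BackEndTcp` goes to whichever instance address the front end selects, so failover and spreading of load are the caller's job.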