![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 52%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,251 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 18%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGG%3C/text%3E%3C/svg%3E)
@Prasant Chettri - Thanks for the question and using MS Q&A forum.
While the current Azure Landing Zone architecture doesn't explicitly accommodate Purview or SHIR, placing them in the Management Landing Zone VNet is a reasonable approach. This aligns with their shared services nature and can provide centralized management and security.
However, it's crucial to consider the specific security and network requirements of Purview and SHIR to ensure proper isolation. You may need to implement additional network segmentation and security controls to protect sensitive data and prevent unauthorized access.
Managed Virtual Network Considerations:
The limitations of Managed Virtual Network (MVN) can impact your ability to control the underlying network configuration. If you require fine-grained network control, you may want to explore alternative deployment options, such as:
- Hybrid Deployment: Deploying SHIR on-premises or in a cloud-private network can provide greater control over network configuration and security.
- Custom Network Configuration: If possible, work with Microsoft to customize the MVN configuration to meet your specific needs.
SHIR Sizing and Scaling:
The optimal SHIR configuration depends on several factors:
- Data Source Volume and Complexity: The number and size of data sources, as well as their complexity, will significantly impact the required resources.
- Scan Frequency: More frequent scans will require more processing power.
- Workload Complexity: The types of transformations and analyses performed by SHIR will influence resource requirements.
A single VM with 10 cores and 32 GB RAM might be sufficient for smaller-scale deployments, but for larger-scale and complex scenarios, consider scaling with a scale set and load balancer.
ILB with Scale Set and Asymmetric Traffic:
While ILB with a scale set can provide scalability and high availability, it's important to be aware of potential asymmetric traffic issues. To mitigate these issues:
- Configure Proper Load Balancing: Ensure that the load balancer is configured to distribute traffic evenly across the scale set instances.
- Monitor Traffic Distribution: Use monitoring tools to track traffic distribution and identify any imbalances.
- Consider Session Affinity: If required, implement session affinity to maintain session state across multiple instances.
By carefully considering these factors and following best practices, you can effectively deploy and manage Microsoft Purview to gain valuable insights from your data assets.
Hope this helps. Do let us know if you have any further queries.
If this answers your query, do click `Accept Answer` and `Yes` for was this answer helpful. And, if you have any further query do let us know.