How to restrict users from uploading files from Azure Virtual Desktop(AVD) to personal or public sites?
How to restrict users from uploading files from Azure Virtual Desktop(AVD) to personal or public sites like gmail, google drive, personal onedrive, personal office365 account, dropbox, box, github, gitlab, bitbucket, azure git, etc. such site. Basically we want to restrict users from uploading files to any websites via browser or cli. Only exception should be to the sites which we want to allow. How to achieve this? Please help. Note:- we don't have anything on-premise. our AVD is in Azure cloud only.
You would do this precisely as you would an on-premise workstation using proxy or firewall services to limit access to the Internet.
Network Security Groups provide basic firewall services which would allow you to block traffic. You need to research the traffic to create rules which is generally not friendly. This is suitable if you want to block all traffic and only allow a small number of selected sites, however it is not recommended for more general security needs.
Azure Firewall has some filtering capabilities built-in which may meet your needs.
Microsoft Cloud App Security, Microsoft 365 Data Loss Prevention can help secure your data as well.
Virtual firewall appliances from all the major networking companies are available in the Azure marketplace.