Consider a scenario where an application front end hosting is done on Azure but the customer needs the database hosting to be done on on-premise server due to security concerns. What are the ways to handle the connectivity in Azure for this scenario?

Consider a scenario where an application front end hosting is done on

1.	Consider a scenario where an application front end hosting is done on Azure but the customer needs the database hosting to be done on on-premise server due to security concerns. What are the ways to handle the connectivity in Azure for this scenario?
Answer» Possibility 1: Azure VNET based “Point to Site” service can be a correct choice for this scenario of connecting one on-premise DB to an Azure-hosted app. “Point to Site” is VALID for cases where the count of resources to be connected via VPN is very limited. Possibility 2: In case there is a large NUMBER of resources for connection, then “Site to Site” or “Express routes” are the other options that could be considered. There might be chances that using “Site to Site” might lead to network latency as VPN due to these work only via Internet (public infrastructure). In such cases, “Express Routes” are used as it provides dedicated leased line for overcoming latency issues. Possibility 3: In case the customer is not willing to work via VNET, then WINDOWS Communication Foundation (WCF) service can be developed and hosted on-premise which would have CRUD operations MEANT only for the database hosted on-premise. This works by means of using the “Service bus relay” option for developing communication between the Azure-hosted app to the WCF service for database ACCESS.