banner-why-daymark.jpg

Cole Tramp's Microsoft Insights

Microsoft Experiences from the Front Line

Microsoft Fabric Gateways: On‑Prem, VNet, and Streaming

Posted by Cole Tramp

Mar 2, 2026 7:00:00 AM

vnet-overview-1024x376

Overview

A data gateway in Microsoft Fabric and Power BI is the secure connectivity layer that allows cloud services to access data sources that aren’t publicly reachable. This includes on-premises systems, Azure resources locked behind private endpoints, and streaming platforms running inside private networks.

Gateways are critical because most real-world architectures are hybrid. Even as organizations adopt Fabric, they often need to integrate with legacy systems, tightly secured Azure services, or real-time platforms that cannot be exposed to the public internet. Gateways make this possible without compromising security or network boundaries.

Microsoft Fabric currently supports three gateway types, each optimized for a different scenario:

    • On-premises data gateway
    • Virtual network data gateway
    • Streaming virtual network data gateway

Understanding when to use each one helps avoid unnecessary complexity and ensures the right balance of security, performance, and manageability.

What a Data Gateway Does in Fabric and Power BI

At a high level, a data gateway acts as a secure bridge between Fabric and your data source. It enables Fabric experiences such as Dataflow Gen2, pipelines, semantic model refreshes, and Eventstream to read or ingest data while respecting private networking constraints.

Gateways matter because they:

    • Allow access to private or on-prem data without opening public endpoints
    • Centralize and control how Fabric connects to sensitive systems
    • Enable hybrid and regulated architectures to still benefit from SaaS analytics

Without gateways, many Fabric workloads simply wouldn’t be viable in enterprise environments.

On-Premises Data Gateway

What it is

The on-premises data gateway is a Windows service that runs close to the data source and securely brokers communication.

Despite the name, this gateway is not limited to traditional on‑premises datacenters. It is commonly used for SQL Server installed on a server in any location, including on‑prem environments, Azure virtual machines, and VMs running in AWS, GCP, or other hosted platforms. As long as the gateway can reach the SQL Server instance over the network, Fabric can connect to it.

Typical use cases

    • Power BI semantic model refreshes from SQL Server running on a VM
    • Fabric Dataflow Gen2 or pipeline ingestion from privately hosted SQL Server
    • Hybrid architectures where SQL Server must remain non‑public

Virtual Network Data Gateway

What it is

The virtual network (VNet) data gateway is a fully managed, cloud‑native gateway that allows Fabric to access data sources inside an Azure virtual network.

Unlike the on‑premises data gateway, there is no software to install or maintain. Microsoft manages the gateway infrastructure, making it well suited for modern Azure architectures that rely on private endpoints and Azure Private Link.

Typical use cases

    • Accessing Azure SQL, Storage, or other PaaS services behind private endpoints
    • Running Fabric pipelines, Dataflow Gen2, Copy Jobs, or Mirroring securely
    • Standardizing private connectivity for Fabric workloads without managing gateway servers

Streaming Virtual Network Data Gateway

What it is

The streaming virtual network data gateway is designed specifically for Fabric Eventstream in Real‑Time Intelligence. It enables Eventstream connectors to access streaming data sources that reside inside private networks.

Rather than acting as a traditional query bridge, this gateway deploys the Eventstream streaming connector into a customer‑managed Azure VNet, providing private network access to the streaming source.

Typical use cases

    • Streaming data from Kafka, Service Bus, or similar platforms in private VNets
    • Real‑time ingestion from on‑prem environments connected via VPN or ExpressRoute
    • Secure, low‑latency streaming without exposing endpoints publicly

Final Thoughts

Fabric’s gateway options are intentionally specialized:

    • On‑premises data gateway is ideal for SQL Server and other systems running on privately managed servers, regardless of physical location.
    • VNet data gateway is the preferred choice for secure, cloud‑native access to Azure PaaS services inside virtual networks.
    • Streaming VNet data gateway exists specifically to support private, real‑time ingestion through Eventstream.

The decision ultimately comes down to a couple questions:

    • Is the workload batch or streaming?
    • Does the data live on a server you manage or in a service Azure manages?

If you’re interested in configuring a data gateway or figuring out how to get started with Microsoft Fabric, feel free to reach out and let’s talk!

 

How Can We Help?  Speak With An Expert

About

Daymark Solutions is an experienced technology integration and solutions provider that helps organizations throughout North America effectively architect, implement, and deploy customized solutions to help their clients grow and scale their IT infrastructure. Specializing in data center infrastructure, AI and cloud solutions, Daymark’s unique combination of in-depth technical knowledge, extensive experience, and proven methodologies enable its clients to successfully address even the most difficult technology challenges.

Connect

    

Links

Contact

Corporate Headquarters
Daymark Solutions
131 Middlesex Turnpike
Burlington, MA 01803

Corporate: +1 781-359-3000

Email: info@daymarksi.com

© 2026 Daymark Solutions, Inc. All rights reserved.  |  Daymark Privacy Policy