diff --git a/docs/reference-architectures/hybrid-networking/images/shared-services.svg b/docs/reference-architectures/hybrid-networking/images/shared-services.svg
new file mode 100644
index 00000000000..8578a99c1b3
--- /dev/null
+++ b/docs/reference-architectures/hybrid-networking/images/shared-services.svg
@@ -0,0 +1,489 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 22.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1"
+	 id="svg10865" inkscape:version="0.91 r13725" sodipodi:docname="vpn.svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" xmlns:svg="http://www.w3.org/2000/svg" xmlns:v="http://schemas.microsoft.com/visio/2003/SVGExtensions/"
+	 xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 320 144"
+	 style="enable-background:new 0 0 320 144;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#33CC66;}
+	.st1{fill:#E4FAFF;stroke:#3A99C6;stroke-width:0.4537;}
+	.st2{fill:#EAEAEA;stroke:#4C4C4C;stroke-width:0.3171;}
+	.st3{fill:#77A7D3;}
+	.st4{fill-opacity:7.692309e-02;stroke:#4C4C4C;stroke-width:0.665;}
+	.st5{fill:#2A3282;}
+	.st6{fill:#3999C6;}
+	.st7{fill:#7FBA00;}
+	.st8{fill:#0078D7;}
+</style>
+<g>
+	<rect x="210.7" y="49" transform="matrix(0.766 -0.6428 0.6428 0.766 22.9339 166.2028)" class="st0" width="58.1" height="5.2"/>
+	
+		<rect x="237.2" y="63.3" transform="matrix(0.6428 -0.766 0.766 0.6428 14.8658 216.6715)" class="st0" width="5.2" height="58.1"/>
+</g>
+<rect id="rect11512_3_" x="124" y="33.9" class="st1" width="95.2" height="79.1"/>
+<rect id="rect9363" x="155.3" y="89.4" class="st2" width="60.6" height="20"/>
+<sodipodi:namedview  bordercolor="#666666" borderopacity="1.0" id="base" inkscape:current-layer="layer7" inkscape:cx="84.761001" inkscape:cy="-4.9551184" inkscape:document-units="px" inkscape:pageopacity="0.0" inkscape:pageshadow="2" inkscape:window-height="897" inkscape:window-maximized="1" inkscape:window-width="1536" inkscape:window-x="-8" inkscape:window-y="-8" inkscape:zoom="1.979899" pagecolor="#ffffff" showgrid="false" units="px">
+	</sodipodi:namedview>
+<g id="layer1" transform="translate(0,-908.36216)" inkscape:groupmode="layer" inkscape:label="Layer 1">
+</g>
+<g id="layer6" inkscape:groupmode="layer" inkscape:label="vnet">
+</g>
+<g id="layer5" inkscape:groupmode="layer" inkscape:label="Layer 2">
+</g>
+<g id="layer4" inkscape:groupmode="layer" inkscape:label="on prem network">
+	<g id="Layer_1" transform="translate(-29.728804,-35.305391)">
+	</g>
+</g>
+<g id="Layer_1-0" transform="matrix(0.66238217,0,0,0.66238217,6.1842798,-17.792793)">
+</g>
+<g id="File_x2C__general" transform="translate(145.68329,-93.669594)">
+	<title  id="title6">Sheet.1071</title>
+</g>
+<g id="Message" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Monitor" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Monitor_running_apps" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Mouse" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Network_card" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Not_allowed" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Performance" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Phone" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Plug_and_play" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Powershell_script_file" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Protocol_stack" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Queue_x2C__general" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="RMS_connector" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="paths" transform="translate(145.68329,-93.669594)">
+	<g id="Access_control">
+	</g>
+	<g id="Azure_active_directory">
+	</g>
+	<g id="Generic_code">
+	</g>
+	<g id="Laptop">
+	</g>
+	<g id="Load_balancer">
+	</g>
+	<g id="Lock_x2C__protected">
+	</g>
+</g>
+<g id="symbols" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="slices" transform="translate(145.68329,-93.669594)">
+</g>
+<g id="Layer_1-0-8" transform="matrix(0.66238217,0,0,0.66238217,-1.9359219,-18.697174)">
+</g>
+<g id="File_x2C__general-9" transform="translate(137.5631,-94.573988)">
+	<title  id="title6-5">Sheet.1071</title>
+</g>
+<g id="Message-5" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Monitor-9" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Monitor_running_apps-8" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Mouse-2" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Network_card-4" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Not_allowed-1" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Performance-1" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Phone-2" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Plug_and_play-4" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Powershell_script_file-4" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Protocol_stack-4" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Queue_x2C__general-4" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="RMS_connector-7" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="paths-6" transform="translate(137.5631,-94.573988)">
+	<g id="Access_control-4">
+	</g>
+	<g id="Azure_active_directory-3">
+	</g>
+	<g id="Generic_code-8">
+	</g>
+	<g id="Laptop-7">
+	</g>
+	<g id="Load_balancer-8">
+	</g>
+	<g id="Lock_x2C__protected-4">
+	</g>
+</g>
+<g id="symbols-8" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="slices-2" transform="translate(137.5631,-94.573988)">
+</g>
+<g id="Layer_1_1_" transform="matrix(0.06125617,0,0,0.06125617,150.76274,-1.4349378)">
+	<g id="File_x2C__general-6">
+		<title  id="title5">Sheet.1071</title>
+	</g>
+</g>
+<g id="Access_control-2" transform="matrix(0.06125617,0,0,0.06125617,150.76274,-1.4349378)">
+</g>
+<g id="Azure_active_directory-8" transform="matrix(0.06125617,0,0,0.06125617,150.76274,-1.4349378)">
+</g>
+<g id="symbols-6" transform="matrix(0.06125617,0,0,0.06125617,150.76274,-1.4349378)">
+</g>
+<polygon class="st3" points="122.1,71.9 117.7,65.6 117.7,69.2 91.9,69.2 91.9,65.6 87.6,71.9 91.9,78.4 91.9,74.8 117.7,74.8 
+	117.7,78.4 "/>
+<g id="g4533" transform="translate(-0.2402297,-915.19322)">
+	<rect id="rect11496" x="13.8" y="939.5" class="st4" width="71.5" height="95.4"/>
+	<g id="g4523" transform="translate(0.28559,7.5139434)">
+		<g id="g12778" transform="translate(-20.415211,902.58454)">
+			<path id="path11491" inkscape:connector-curvature="0" d="M57.9,68.6H41.6c-0.5,0-1,0.5-1,1V81c0,0.5,0.4,1,1,1h5.6
+				c0.6,2.1-0.2,2.4-3.7,2.4v1.1H48h3.3h4.2v-1.1c-3.5,0-3.9-0.3-3.3-2.4h5.7c0.5,0,1.1-0.5,1.1-1V69.7C59,69.1,58.4,68.6,57.9,68.6
+				z M57.6,70v10.6H42V70H57.6L57.6,70z"/>
+			<g id="g12774">
+				<path id="path8" inkscape:connector-curvature="0" d="M78.5,49.3H62.3c-0.5,0-1,0.5-1,1v11.3c0,0.5,0.4,1,1,1h5.6
+					c0.6,2.1-0.2,2.4-3.7,2.4v1.1h4.5H72h4.2V65c-3.5,0-3.9-0.3-3.3-2.4h5.7c0.5,0,1.1-0.5,1.1-1V50.3
+					C79.6,49.8,79.1,49.3,78.5,49.3L78.5,49.3z M78.2,50.7v10.6H62.6V50.7H78.2L78.2,50.7z"/>
+				<path id="path11493" inkscape:connector-curvature="0" d="M78.5,88H62.3c-0.5,0-1,0.5-1,1v11.3c0,0.5,0.4,1,1,1h5.6
+					c0.6,2.1-0.2,2.4-3.7,2.4v1.1h4.5H72h4.2v-1.1c-3.5,0-3.9-0.3-3.3-2.4h5.7c0.5,0,1.1-0.5,1.1-1V89C79.6,88.4,79.1,88,78.5,88
+					L78.5,88z M78.2,89.3v10.6H62.6V89.3H78.2L78.2,89.3z"/>
+			</g>
+		</g>
+		<g id="g13011" transform="matrix(0.76688787,0,0,0.76688787,-60.576555,1016.5226)">
+			<path id="path24" inkscape:connector-curvature="0" class="st5" d="M179.5-47.5h-27.2c-0.8,0-1.5,0.5-1.5,1.1v5.5
+				c0,0.6,0.6,1.1,1.5,1.1h27.2c0.8,0,1.5-0.5,1.5-1.1v-5.5C181-46.9,180.3-47.5,179.5-47.5z M155.5-42c-0.9,0-1.5-0.7-1.5-1.5
+				s0.7-1.5,1.5-1.5c0.9,0,1.5,0.7,1.5,1.5S156.3-42,155.5-42z M162.4-42c-0.9,0-1.5-0.7-1.5-1.5s0.7-1.5,1.5-1.5s1.5,0.7,1.5,1.5
+				S163.3-42,162.4-42z M169.4-42c-0.9,0-1.5-0.7-1.5-1.5s0.7-1.5,1.5-1.5c0.9,0,1.5,0.7,1.5,1.5S170.2-42,169.4-42z M176.3-42
+				c-0.9,0-1.5-0.7-1.5-1.5s0.7-1.5,1.5-1.5s1.5,0.7,1.5,1.5S177.2-42,176.3-42z"/>
+			<polygon id="polygon26" class="st5" points="175.4,-55.2 156.4,-55.2 150.8,-49.8 181,-49.8 			"/>
+		</g>
+	</g>
+</g>
+<g>
+	<g>
+		<rect id="rect11512_1_" x="259.2" y="3.3" class="st1" width="51.7" height="66.5"/>
+		<g id="group4-6_1_" transform="matrix(1.2499987,0,0,1.2499987,211.3056,151.17889)">
+			<title  id="title11520">g5181</title>
+			<g id="shape5-7_1_" transform="translate(10.0836,0)">
+				<title  id="title11523">path3</title>
+				<path id="path11525_1_" inkscape:connector-curvature="0" class="st6" d="M43.8-70.3c0.1-0.1,0.1-0.3,0-0.4l-0.5-0.5l-2.4-2.4
+					c-0.1-0.1-0.3-0.1-0.4,0c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.5c0.1,0.1,0.1,0.3,0,0.4l-2.6,2.6c-0.1,0.1-0.1,0.3,0,0.4s0.3,0.1,0.4,0
+					l2.4-2.4l0,0L43.8-70.3L43.8-70.3z"/>
+			</g>
+			<g id="shape6-9_1_">
+				<title  id="title11528">path5</title>
+				<path id="path11530_1_" inkscape:connector-curvature="0" class="st6" d="M42.8-70.3c-0.1-0.1-0.1-0.3,0-0.4l0.5-0.5l2.4-2.4
+					c0.1-0.1,0.3-0.1,0.4,0c0.1,0.1,0.1,0.3,0,0.4l-2.5,2.5c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.6c0.1,0.1,0.1,0.3,0,0.4s-0.3,0.1-0.4,0
+					l-2.5-2.4l0,0L42.8-70.3L42.8-70.3z"/>
+			</g>
+			<g id="shape7-11_1_" transform="translate(3.41018,-3.35139)">
+				<title  id="title11533">path7</title>
+				<path id="path11535_1_" inkscape:connector-curvature="0" class="st7" d="M43.4-67.1c0,0.4-0.4,0.7-0.7,0.7s-0.8-0.4-0.8-0.7
+					s0.3-0.7,0.8-0.7C43.1-67.9,43.4-67.5,43.4-67.1z"/>
+			</g>
+			<g id="shape8-13_1_" transform="translate(6.3794,-3.35139)">
+				<title  id="title11538">path9</title>
+				<path id="path11540_1_" inkscape:connector-curvature="0" class="st7" d="M42.7-67.1c0,0.4-0.4,0.7-0.7,0.7
+					c-0.4,0-0.8-0.4-0.8-0.7s0.4-0.7,0.8-0.7C42.4-67.9,42.7-67.5,42.7-67.1z"/>
+			</g>
+			<g id="shape9-15_1_" transform="translate(9.4368,-3.35139)">
+				<title  id="title11543">circle11</title>
+				<circle id="ellipse11545_1_" class="st7" cx="41.2" cy="-67.1" r="0.7"/>
+			</g>
+		</g>
+		<g id="g4393_1_" transform="translate(-14.16131,-756.4681)">
+			<g id="Ibiza_Symbols_1_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,913.73095)">
+				<g id="g6_1_">
+					<path id="path8-3_1_" inkscape:connector-curvature="0" class="st8" d="M166.1-161h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+						C167.6-160.4,166.8-161,166.1-161z M165.8-159.3v13.3h-19.6v-13.3H165.8L165.8-159.3z"/>
+					<g id="group975-1984_2_" transform="translate(1176.51,-2762.63)">
+						<title  id="title11">Sheet.975</title>
+						<g id="shape976-1985_1_" transform="translate(0.8685,-17.652)">
+							<title  id="title14">Sheet.976</title>
+							<path id="path16_1_" inkscape:connector-curvature="0" class="st8" d="M-1018,2625.2l-3.6-2l-3.6,2v0.1l3.6,2L-1018,2625.2
+								L-1018,2625.2L-1018,2625.2z"/>
+						</g>
+						<g id="shape977-1987_2_" transform="translate(15.8925,0)">
+							<title  id="title19">Sheet.977</title>
+							<path id="path21_1_" inkscape:connector-curvature="0" class="st8" d="M-1036.3,2610.2v4.1l3.6-2v-4.1L-1036.3,2610.2z"/>
+						</g>
+						<g id="shape978-1989_2_">
+							<title  id="title24">Sheet.978</title>
+							<path id="path26_1_" inkscape:connector-curvature="0" class="st8" d="M-1021.1,2610.2l-3.6-2v4.1l3.6,2V2610.2z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+			<g id="g12829_1_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,878.48571)">
+				<g id="g12831_1_">
+					<path id="path12833_1_" inkscape:connector-curvature="0" class="st8" d="M166.1-144.1h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+						C167.6-143.5,166.8-144.1,166.1-144.1z M165.8-142.4v13.3h-19.6v-13.3H165.8L165.8-142.4z"/>
+					<g id="g12835_1_" transform="translate(1176.51,-2762.63)">
+						<title  id="title12837">Sheet.975</title>
+						<g id="g12839_1_" transform="translate(0.8685,-17.652)">
+							<title  id="title12841">Sheet.976</title>
+							<path id="path12843_1_" inkscape:connector-curvature="0" class="st8" d="M-1018,2642.1l-3.6-2l-3.6,2v0.1l3.6,2
+								L-1018,2642.1L-1018,2642.1L-1018,2642.1z"/>
+						</g>
+						<g id="g12845_1_" transform="translate(15.8925,0)">
+							<title  id="title12847">Sheet.977</title>
+							<path id="path12849_1_" inkscape:connector-curvature="0" class="st8" d="M-1036.3,2627.1v4.1l3.6-2v-4.1L-1036.3,2627.1z"/>
+						</g>
+						<g id="g12851_1_">
+							<title  id="title12853">Sheet.978</title>
+							<path id="path12855_1_" inkscape:connector-curvature="0" class="st8" d="M-1021.1,2627.1l-3.6-2v4.1l3.6,2V2627.1z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+			<g id="g4365_1_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,948.07614)">
+				<g id="g4367_1_">
+					<path id="path4369_1_" inkscape:connector-curvature="0" class="st8" d="M166.1-177.5h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+						C167.6-176.9,166.8-177.5,166.1-177.5z M165.8-175.7v13.3h-19.6v-13.3H165.8L165.8-175.7z"/>
+					<g id="g4371_1_" transform="translate(1176.51,-2762.63)">
+						<title  id="title4373">Sheet.975</title>
+						<g id="g4375_1_" transform="translate(0.8685,-17.652)">
+							<title  id="title4377">Sheet.976</title>
+							<path id="path4379_1_" inkscape:connector-curvature="0" class="st8" d="M-1018,2608.8l-3.6-2l-3.6,2v0.1l3.6,2L-1018,2608.8
+								L-1018,2608.8L-1018,2608.8z"/>
+						</g>
+						<g id="g4381_1_" transform="translate(15.8925,0)">
+							<title  id="title4383">Sheet.977</title>
+							<path id="path4385_1_" inkscape:connector-curvature="0" class="st8" d="M-1036.3,2593.8v4.1l3.6-2v-4.1L-1036.3,2593.8z"/>
+						</g>
+						<g id="g4387_1_">
+							<title  id="title4389">Sheet.978</title>
+							<path id="path4391_1_" inkscape:connector-curvature="0" class="st8" d="M-1021.1,2593.8l-3.6-2v4.1l3.6,2V2593.8z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+		</g>
+	</g>
+	<g>
+		<rect id="rect11512_2_" x="259.5" y="74.2" class="st1" width="51.7" height="66.5"/>
+		<g id="group4-6_2_" transform="matrix(1.2499987,0,0,1.2499987,211.3056,151.17889)">
+			<title  id="title11520">g5181</title>
+			<g id="shape5-7_2_" transform="translate(10.0836,0)">
+				<title  id="title11523">path3</title>
+				<path id="path11525_2_" inkscape:connector-curvature="0" class="st6" d="M44-13.6c0.1-0.1,0.1-0.3,0-0.4l-0.5-0.5l-2.4-2.4
+					c-0.1-0.1-0.3-0.1-0.4,0c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.5c0.1,0.1,0.1,0.3,0,0.4L40.6-11c-0.1,0.1-0.1,0.3,0,0.4
+					c0.1,0.1,0.3,0.1,0.4,0l2.4-2.4l0,0L44-13.6L44-13.6z"/>
+			</g>
+			<g id="shape6-9_2_">
+				<title  id="title11528">path5</title>
+				<path id="path11530_2_" inkscape:connector-curvature="0" class="st6" d="M43-13.6c-0.1-0.1-0.1-0.3,0-0.4l0.5-0.5l2.4-2.4
+					c0.1-0.1,0.3-0.1,0.4,0c0.1,0.1,0.1,0.3,0,0.4L43.9-14c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.6c0.1,0.1,0.1,0.3,0,0.4
+					c-0.1,0.1-0.3,0.1-0.4,0L43.6-13l0,0L43-13.6L43-13.6z"/>
+			</g>
+			<g id="shape7-11_2_" transform="translate(3.41018,-3.35139)">
+				<title  id="title11533">path7</title>
+				<path id="path11535_2_" inkscape:connector-curvature="0" class="st7" d="M43.6-10.4c0,0.4-0.4,0.7-0.7,0.7
+					c-0.4,0-0.8-0.4-0.8-0.7s0.3-0.7,0.8-0.7C43.3-11.2,43.6-10.8,43.6-10.4z"/>
+			</g>
+			<g id="shape8-13_2_" transform="translate(6.3794,-3.35139)">
+				<title  id="title11538">path9</title>
+				<path id="path11540_2_" inkscape:connector-curvature="0" class="st7" d="M42.9-10.4c0,0.4-0.4,0.7-0.7,0.7
+					c-0.4,0-0.8-0.4-0.8-0.7s0.4-0.7,0.8-0.7C42.6-11.2,42.9-10.8,42.9-10.4z"/>
+			</g>
+			<g id="shape9-15_2_" transform="translate(9.4368,-3.35139)">
+				<title  id="title11543">circle11</title>
+				<circle id="ellipse11545_2_" class="st7" cx="41.4" cy="-10.4" r="0.7"/>
+			</g>
+		</g>
+		<g id="g4393_2_" transform="translate(-14.16131,-756.4681)">
+			<g id="Ibiza_Symbols_2_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,913.73095)">
+				<g id="g6_2_">
+					<path id="path8-3_2_" inkscape:connector-curvature="0" class="st8" d="M166.5-72.3h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3V-71
+						C167.9-71.6,167.2-72.3,166.5-72.3z M166.1-70.5v13.3h-19.6v-13.3H166.1L166.1-70.5z"/>
+					<g id="group975-1984_1_" transform="translate(1176.51,-2762.63)">
+						<title  id="title11">Sheet.975</title>
+						<g id="shape976-1985_2_" transform="translate(0.8685,-17.652)">
+							<title  id="title14">Sheet.976</title>
+							<path id="path16_2_" inkscape:connector-curvature="0" class="st8" d="M-1017.7,2714l-3.6-2l-3.6,2v0.1l3.6,2L-1017.7,2714
+								L-1017.7,2714L-1017.7,2714z"/>
+						</g>
+						<g id="shape977-1987_1_" transform="translate(15.8925,0)">
+							<title  id="title19">Sheet.977</title>
+							<path id="path21_2_" inkscape:connector-curvature="0" class="st8" d="M-1035.9,2699v4.1l3.6-2v-4.1L-1035.9,2699z"/>
+						</g>
+						<g id="shape978-1989_1_">
+							<title  id="title24">Sheet.978</title>
+							<path id="path26_2_" inkscape:connector-curvature="0" class="st8" d="M-1020.8,2699l-3.6-2v4.1l3.6,2L-1020.8,2699
+								L-1020.8,2699z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+			<g id="g12829_2_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,878.48571)">
+				<g id="g12831_2_">
+					<path id="path12833_2_" inkscape:connector-curvature="0" class="st8" d="M166.5-55.4h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+						C167.9-54.8,167.2-55.4,166.5-55.4z M166.1-53.7v13.3h-19.6v-13.3H166.1L166.1-53.7z"/>
+					<g id="g12835_2_" transform="translate(1176.51,-2762.63)">
+						<title  id="title12837">Sheet.975</title>
+						<g id="g12839_2_" transform="translate(0.8685,-17.652)">
+							<title  id="title12841">Sheet.976</title>
+							<path id="path12843_2_" inkscape:connector-curvature="0" class="st8" d="M-1017.7,2730.8l-3.6-2l-3.6,2v0.1l3.6,2
+								L-1017.7,2730.8L-1017.7,2730.8L-1017.7,2730.8z"/>
+						</g>
+						<g id="g12845_2_" transform="translate(15.8925,0)">
+							<title  id="title12847">Sheet.977</title>
+							<path id="path12849_2_" inkscape:connector-curvature="0" class="st8" d="M-1035.9,2715.9v4.1l3.6-2v-4.1L-1035.9,2715.9z"/>
+						</g>
+						<g id="g12851_2_">
+							<title  id="title12853">Sheet.978</title>
+							<path id="path12855_2_" inkscape:connector-curvature="0" class="st8" d="M-1020.8,2715.9l-3.6-2v4.1l3.6,2L-1020.8,2715.9
+								L-1020.8,2715.9z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+			<g id="g4365_2_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,948.07614)">
+				<g id="g4367_2_">
+					<path id="path4369_2_" inkscape:connector-curvature="0" class="st8" d="M166.5-88.7h-20.4c-0.7,0-1.2,0.6-1.2,1.3v14.3
+						c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+						C167.9-88.1,167.2-88.7,166.5-88.7z M166.1-87v13.3h-19.6V-87H166.1L166.1-87z"/>
+					<g id="g4371_2_" transform="translate(1176.51,-2762.63)">
+						<title  id="title4373">Sheet.975</title>
+						<g id="g4375_2_" transform="translate(0.8685,-17.652)">
+							<title  id="title4377">Sheet.976</title>
+							<path id="path4379_2_" inkscape:connector-curvature="0" class="st8" d="M-1017.7,2697.5l-3.6-2l-3.6,2v0.1l3.6,2
+								L-1017.7,2697.5L-1017.7,2697.5L-1017.7,2697.5z"/>
+						</g>
+						<g id="g4381_2_" transform="translate(15.8925,0)">
+							<title  id="title4383">Sheet.977</title>
+							<path id="path4385_2_" inkscape:connector-curvature="0" class="st8" d="M-1035.9,2682.5v4.1l3.6-2v-4.1L-1035.9,2682.5z"/>
+						</g>
+						<g id="g4387_2_">
+							<title  id="title4389">Sheet.978</title>
+							<path id="path4391_2_" inkscape:connector-curvature="0" class="st8" d="M-1020.8,2682.5l-3.6-2v4.1l3.6,2L-1020.8,2682.5
+								L-1020.8,2682.5z"/>
+						</g>
+					</g>
+				</g>
+			</g>
+		</g>
+	</g>
+</g>
+<g id="group4-6_3_" transform="matrix(1.2499987,0,0,1.2499987,211.3056,151.17889)">
+	<title  id="title11520">g5181</title>
+	<g id="shape5-7_3_" transform="translate(10.0836,0)">
+		<title  id="title11523">path3</title>
+		<path id="path11525_3_" inkscape:connector-curvature="0" class="st6" d="M-66.8-35.5c0.1-0.1,0.1-0.3,0-0.4l-0.5-0.5l-2.4-2.4
+			c-0.1-0.1-0.3-0.1-0.4,0c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.5c0.1,0.1,0.1,0.3,0,0.4l-2.6,2.6c-0.1,0.1-0.1,0.3,0,0.4
+			c0.1,0.1,0.3,0.1,0.4,0l2.4-2.4l0,0L-66.8-35.5L-66.8-35.5z"/>
+	</g>
+	<g id="shape6-9_3_">
+		<title  id="title11528">path5</title>
+		<path id="path11530_3_" inkscape:connector-curvature="0" class="st6" d="M-67.8-35.5c-0.1-0.1-0.1-0.3,0-0.4l0.5-0.5l2.4-2.4
+			c0.1-0.1,0.3-0.1,0.4,0s0.1,0.3,0,0.4l-2.5,2.5c-0.1,0.1-0.1,0.3,0,0.4l2.5,2.6c0.1,0.1,0.1,0.3,0,0.4c-0.1,0.1-0.3,0.1-0.4,0
+			l-2.5-2.4l0,0L-67.8-35.5L-67.8-35.5z"/>
+	</g>
+	<g id="shape7-11_3_" transform="translate(3.41018,-3.35139)">
+		<title  id="title11533">path7</title>
+		<path id="path11535_3_" inkscape:connector-curvature="0" class="st7" d="M-67.2-32.4c0,0.4-0.4,0.7-0.7,0.7
+			c-0.4,0-0.8-0.4-0.8-0.7c0-0.4,0.3-0.7,0.8-0.7C-67.5-33.1-67.2-32.8-67.2-32.4z"/>
+	</g>
+	<g id="shape8-13_3_" transform="translate(6.3794,-3.35139)">
+		<title  id="title11538">path9</title>
+		<path id="path11540_3_" inkscape:connector-curvature="0" class="st7" d="M-67.9-32.4c0,0.4-0.4,0.7-0.7,0.7
+			c-0.3,0-0.8-0.4-0.8-0.7c0-0.4,0.4-0.7,0.8-0.7C-68.2-33.1-67.9-32.8-67.9-32.4z"/>
+	</g>
+	<g id="shape9-15_3_" transform="translate(9.4368,-3.35139)">
+		<title  id="title11543">circle11</title>
+		<circle id="ellipse11545_3_" class="st7" cx="-69.4" cy="-32.4" r="0.7"/>
+	</g>
+</g>
+<g>
+	<rect id="rect9363_1_" x="148.6" y="60.6" class="st2" width="30.1" height="23.3"/>
+	<g id="Ibiza_Symbols_3_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,913.73095)">
+		<g id="g6_3_">
+			<path id="path8-3_3_" inkscape:connector-curvature="0" class="st8" d="M-16.7-1064.4h-20.5c-0.7,0-1.2,0.6-1.2,1.3v14.3
+				c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+				C-15.3-1063.8-16.1-1064.4-16.7-1064.4z M-17.1-1062.7v13.3h-19.6v-13.3H-17.1L-17.1-1062.7z"/>
+			<g id="group975-1984_3_" transform="translate(1176.51,-2762.63)">
+				<title  id="title11">Sheet.975</title>
+				<g id="shape976-1985_3_" transform="translate(0.8685,-17.652)">
+					<title  id="title14">Sheet.976</title>
+					<path id="path16_3_" inkscape:connector-curvature="0" class="st8" d="M-1200.9,1721.8l-3.6-2l-3.6,2v0.1l3.6,2L-1200.9,1721.8
+						L-1200.9,1721.8L-1200.9,1721.8z"/>
+				</g>
+				<g id="shape977-1987_3_" transform="translate(15.8925,0)">
+					<title  id="title19">Sheet.977</title>
+					<path id="path21_3_" inkscape:connector-curvature="0" class="st8" d="M-1219.2,1706.8v4.1l3.6-2v-4.1L-1219.2,1706.8z"/>
+				</g>
+				<g id="shape978-1989_3_">
+					<title  id="title24">Sheet.978</title>
+					<path id="path26_3_" inkscape:connector-curvature="0" class="st8" d="M-1204,1706.8l-3.6-2v4.1l3.6,2V1706.8z"/>
+				</g>
+			</g>
+		</g>
+	</g>
+</g>
+<g id="Gateway-5" transform="matrix(0.06125617,0,0,0.06125617,195.94662,208.59933)">
+	<path id="path10-7" inkscape:connector-curvature="0" class="st5" d="M-989.5-2383.1c-84.9,0-153.2,69-153.2,153.2
+		s68.2,153.2,153.2,153.2s153.2-68.9,153.2-153.2C-836.2-2314.3-904.4-2383.1-989.5-2383.1z M-1003.3-2313.5v-48.8h27.8v48.8h14
+		l-27.8,56.4l-27.8-56.4C-1017.2-2313.5-1003.3-2313.5-1003.3-2313.5z M-1066-2202.1l-56.4-27.8l56.4-27.8v14h48.8v27.8h-48.8
+		C-1066-2216-1066-2202.1-1066-2202.1z M-975.5-2153.4v48.8h-27.8v-48.8h-14l27.8-56.4l27.8,56.4
+		C-961.6-2153.4-975.5-2153.4-975.5-2153.4z M-912.8-2202.1v-14h-48.8v-27.8h48.8v-14l56.4,27.8L-912.8-2202.1z"/>
+</g>
+<g id="shape28-2">
+	<title>Sheet.28</title>
+	<path class="st8" d="M209.2,91.5c-0.2-0.2-0.4-0.3-0.5-0.3c-0.1,0-0.1,0-0.2,0h-18.3c-0.5,0-0.9,0.5-0.9,1v14.3c0,0.6,0.4,1,0.9,1
+		h18.5c0.5,0,0.9-0.5,0.9-1v-14C209.5,93,209.6,91.9,209.2,91.5z M196.3,105c-0.1,0.1-0.1,0.3-0.1,0.4h-1.6V93.9
+		c0-0.4,0.3-0.6,0.6-0.6h4.7c0.4,0,0.6,0.3,0.6,0.6v4.7c-0.2,0-0.4,0.2-0.5,0.4l-2.1,3.5h-2.4v0.6h2.1l-0.4,0.6h-1.7v0.6h1.3
+		L196.3,105z M203.9,105.3h-6.7c-0.3,0-0.4-0.2-0.3-0.4l3.3-5.6c0.2-0.3,0.4-0.3,0.5,0l3.3,5.6C204.3,105.1,204.2,105.3,203.9,105.3
+		z"/>
+</g>
+<g id="shape28-2_1_">
+	<title>Sheet.28</title>
+	<path class="st8" d="M183.1,91.5c-0.2-0.2-0.4-0.3-0.5-0.3c-0.1,0-0.1,0-0.2,0h-18.3c-0.5,0-0.9,0.5-0.9,1v14.3c0,0.6,0.4,1,0.9,1
+		h18.5c0.5,0,0.9-0.5,0.9-1v-14C183.4,92.9,183.5,91.8,183.1,91.5z M170.2,104.9c-0.1,0.1-0.1,0.3-0.1,0.4h-1.6V93.9
+		c0-0.4,0.3-0.6,0.6-0.6h4.7c0.4,0,0.6,0.3,0.6,0.6v4.7c-0.2,0-0.4,0.2-0.5,0.4l-2.1,3.5h-2.4v0.6h2.1l-0.4,0.6h-1.7v0.6h1.3
+		L170.2,104.9z M177.7,105.2h-6.7c-0.3,0-0.4-0.2-0.3-0.4l3.3-5.6c0.2-0.3,0.4-0.3,0.5,0l3.3,5.6
+		C178.2,105.1,178.1,105.2,177.7,105.2z"/>
+</g>
+<g>
+	<rect id="rect9363_2_" x="185.6" y="40.9" class="st2" width="30.1" height="23.3"/>
+	<g id="Ibiza_Symbols_4_" transform="matrix(0.79850972,0,0,0.79850972,185.14962,913.73095)">
+		<g id="g6_4_">
+			<path id="path8-3_4_" inkscape:connector-curvature="0" class="st8" d="M29.7-1089H9.2c-0.7,0-1.2,0.6-1.2,1.3v14.3
+				c0,0.7,0.6,1.3,1.2,1.3h7c0.7,2.7-0.2,3-4.7,3v1.4h5.6h4.1h5.3v-1.4c-4.4,0-4.9-0.4-4.1-3h7.2c0.7,0,1.4-0.6,1.4-1.3v-14.3
+				C31.1-1088.4,30.3-1089,29.7-1089z M29.3-1087.3v13.3H9.7v-13.3H29.3L29.3-1087.3z"/>
+			<g id="group975-1984_4_" transform="translate(1176.51,-2762.63)">
+				<title  id="title11">Sheet.975</title>
+				<g id="shape976-1985_4_" transform="translate(0.8685,-17.652)">
+					<title  id="title14">Sheet.976</title>
+					<path id="path16_4_" inkscape:connector-curvature="0" class="st8" d="M-1154.5,1697.2l-3.6-2l-3.6,2v0.1l3.6,2L-1154.5,1697.2
+						L-1154.5,1697.2L-1154.5,1697.2z"/>
+				</g>
+				<g id="shape977-1987_4_" transform="translate(15.8925,0)">
+					<title  id="title19">Sheet.977</title>
+					<path id="path21_4_" inkscape:connector-curvature="0" class="st8" d="M-1172.8,1682.2v4.1l3.6-2v-4.1L-1172.8,1682.2z"/>
+				</g>
+				<g id="shape978-1989_4_">
+					<title  id="title24">Sheet.978</title>
+					<path id="path26_4_" inkscape:connector-curvature="0" class="st8" d="M-1157.6,1682.2l-3.6-2v4.1l3.6,2V1682.2z"/>
+				</g>
+			</g>
+		</g>
+	</g>
+</g>
+</svg>
diff --git a/docs/reference-architectures/hybrid-networking/index.json b/docs/reference-architectures/hybrid-networking/index.json
index d6226bf1010..0764d4746bb 100644
--- a/docs/reference-architectures/hybrid-networking/index.json
+++ b/docs/reference-architectures/hybrid-networking/index.json
@@ -26,6 +26,12 @@
             "url": "./hub-spoke.md",
             "image": "./images/hub-spoke.svg",
             "summary": "The hub is a central point of connectivity to your on-premises network. The spokes are VNets that peer with the hub, and can be used to isolate workloads."
+        },
+        {
+            "title": "Hub-spoke topology with shared services",
+            "url": "./shared-services.md",
+            "image": "./images/shared-services.svg",
+            "summary": "Deploy a hub-spoke topology that includes shared services, including Active Directory services and a network virtual appliance (NVA). Shared services can be consumed by all spokes."
         }
     ]
 }
diff --git a/docs/reference-architectures/hybrid-networking/index.md b/docs/reference-architectures/hybrid-networking/index.md
index 85c0393bd82..189d9ec3dc2 100644
--- a/docs/reference-architectures/hybrid-networking/index.md
+++ b/docs/reference-architectures/hybrid-networking/index.md
@@ -9,7 +9,7 @@ layout: LandingPage
 
 # Connect an on-premises network to Azure
 
-These reference architectures show proven practices for creating a robust network connection between an on-premises network and Azure. <br/>[Which should I choose?](./considerations.md)
+These reference architectures show proven practices for creating a robust network connection between an on-premises network and Azure. [Which should I choose?](./considerations.md)
 
 <section class="series">
     <ul class="panelContent">
@@ -92,6 +92,26 @@ These reference architectures show proven practices for creating a robust networ
             </div>
         </div>
     </a>
+</li>
+    <!-- Hub-spoke topology with shared services -->
+<li style="display: flex; flex-direction: column;">
+    <a href="./shared-services.md" style="display: flex; flex-direction: column; flex: 1 0 auto;">
+        <div class="cardSize" style="flex: 1 0 auto; display: flex;">
+            <div class="cardPadding" style="display: flex;">
+                <div class="card">
+                    <div class="cardImageOuter">
+                        <div class="cardImage">
+                            <img src="./images/shared-services.svg" height="140px" />
+                        </div>
+                    </div>
+                    <div class="cardText">
+                        <h3>Hub-spoke topology with shared services</h3>
+                        <p>Deploy a hub-spoke topology that includes shared services, including Active Directory services and a network virtual appliance (NVA). Shared services can be consumed by all spokes.</p>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </a>
 </li>
     </ul>
 </section>
diff --git a/docs/reference-architectures/hybrid-networking/shared-services.md b/docs/reference-architectures/hybrid-networking/shared-services.md
index 0b55ddb19f1..5a7a54b082e 100644
--- a/docs/reference-architectures/hybrid-networking/shared-services.md
+++ b/docs/reference-architectures/hybrid-networking/shared-services.md
@@ -10,7 +10,7 @@ pnp.series.prev: hub-spoke
 ---
 # Implement a hub-spoke network topology with shared services in Azure
 
-This reference architecture builds on top of the [hub-spoke][guidance-hub-spoke] reference architecture to include shared servcices in the hub that can be consumed by all spokes. As a first step into migrating a datacenter to the cloud, and building a [virtual datacenter], the first services you need to share are identity, and security. This reference archiecture shows you how to extend your Active Directory services from your on-premises datacenter to Azure, and how to add a network virtual appliance (NVA) that can act as a firewall, in a hub-spoke topology.  [**Deploy this solution**](#deploy-the-solution).
+This reference architecture builds on the [hub-spoke][guidance-hub-spoke] reference architecture to include shared services in the hub that can be consumed by all spokes. As a first step toward migrating a datacenter to the cloud, and building a [virtual datacenter], the first services you need to share are identity and security. This reference archiecture shows you how to extend your Active Directory services from your on-premises datacenter to Azure, and how to add a network virtual appliance (NVA) that can act as a firewall, in a hub-spoke topology.  [**Deploy this solution**](#deploy-the-solution).
 
 ![[0]][0]
 
@@ -66,13 +66,13 @@ ALso, the following recommendations apply for most scenarios under shared servic
 
 Most enterprise organizations have an Active Directory Directory Services (ADDS) environment in their on-premises datacenter. To facilitate management of assets moved to Azure from your on-premises network that depend on ADDS, it is recommended to host ADDS domain controllers in Azure.
 
-If you make use of Group Policy Objects, that you want to control separately for Azure, and your on-premises environment, use a different AD site for each Azure region. And place your domain controllers in a central VNet (hub) that dependent workloads can access.
+If you make use of Group Policy Objects, that you want to control separately for Azure and your on-premises environment, use a different AD site for each Azure region. Place your domain controllers in a central VNet (hub) that dependent workloads can access.
 
 ### Security
 
-As you move workloads from your on-premises environment to Azure, some of these workloads will require to be hosted in VMs. And due to compliance you may need to enforce restrictions on traffic traversing those workloads. 
+As you move workloads from your on-premises environment to Azure, some of these workloads will require to be hosted in VMs. For compliance reasons, you may need to enforce restrictions on traffic traversing those workloads. 
 
-You can use network virtula appliances (NVAs) in Azure to host different types of security and performance services. If you are familiar with a given set of appliances on-premises today, it is recommended to use the same virtualized appliances in Azure, where applicable.
+You can use network virtual appliances (NVAs) in Azure to host different types of security and performance services. If you are familiar with a given set of appliances on-premises today, it is recommended to use the same virtualized appliances in Azure, where applicable.
 
 > [!NOTE]
 > The deployment scripts for this reference architecture use an Ubuntu VM with IP forwarding enbaled to mimic a network virtual appliance.
@@ -99,7 +99,7 @@ Before you can deploy the reference architecture to your own subscription, you m
 
 2. Make sure you have the Azure CLI 2.0 installed on your computer. For CLI installation instructions, see [Install Azure CLI 2.0][azure-cli-2].
 
-3. Install the [Azure buulding blocks][azbb] npm package.
+3. Install the [Azure building blocks][azbb] npm package.
 
 4. From a command prompt, bash prompt, or PowerShell prompt, login to your Azure account by using the command below, and follow the prompts.
 
@@ -261,6 +261,7 @@ To create a peering connection from the hub VNet to the spoke VNets, perform the
 [hybrid-ha]: ./expressroute-vpn-failover.md
 [naming conventions]: /azure/guidance/guidance-naming-conventions
 [resource-manager-overview]: /azure/azure-resource-manager/resource-group-overview
+[virtual datacenter]: https://aka.ms/vdc
 [vnet-peering]: /azure/virtual-network/virtual-network-peering-overview
 [vnet-peering-limit]: /azure/azure-subscription-service-limits#networking-limits
 [vpn-appliance]: /azure/vpn-gateway/vpn-gateway-about-vpn-devices
diff --git a/docs/reference-architectures/toc.yml b/docs/reference-architectures/toc.yml
index 79ecac613c6..57b20d8bbb0 100644
--- a/docs/reference-architectures/toc.yml
+++ b/docs/reference-architectures/toc.yml
@@ -27,6 +27,8 @@
       href: hybrid-networking/expressroute-vpn-failover.md
     - name: Hub-spoke topology
       href: hybrid-networking/hub-spoke.md
+    - name: Hub-spoke topology with shared services
+      href: hybrid-networking/shared-services.md
 
   - name: Identity management
     href: identity/index.md
