

Enable NSG flow logs and send logs into a Storage Account for traffic audit. Use Azure Security Center and follow network protection recommendations to help secure your network resources in Azure.
AZURE CIS BENCHMARK 1.3 HOW TO
How to deploy and configure Azure Firewall

1.2: Monitor and log the configuration and traffic of virtual networks, subnets, and NICs

Azure ID

How to create an NSG with a security configuration

Understand Virtual Network Service Endpoints

For service-specific requirements, please refer to the security recommendation for that specific service. Alternatively, if you have a specific use case, the requirement may be met by implementing Azure Firewall. When Private Endpoints and Private Link are not available, use Service Endpoints. When available, use Private Endpoints with Private Link to secure your Azure service resources to your virtual network by extending VNet identity to the service.

1.1: Protect Azure resources within virtual networks

Azure ID

Ensure that all Virtual Network subnet deployments have a Network Security Group applied with network access controls specific to your application's trusted ports and sources. Network security recommendations focus on specifying which network protocols, TCP/UDP ports, and network connected services are allowed or denied access to Azure services. The most up-to-date Azure Security Benchmark is available here.
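One way to audit control 1.1 offline, as an added example that is not part of the original page or of Microsoft's tooling: it reads JSON shaped like the output of `az network vnet list` and `az network nsg list`, lists subnets with no NSG attached, and flags inbound allow rules open to any source. The sample data is constructed, and the exempt subnet list is an assumption to adjust for your environment.

```python
import json

# Constructed sample shaped like `az network vnet list -o json` output.
VNETS_JSON = """[
  {"name": "vnet-app", "resourceGroup": "rg-demo", "subnets": [
    {"name": "web", "networkSecurityGroup": {"id": "/subscriptions/0000/resourceGroups/rg-demo/providers/Microsoft.Network/networkSecurityGroups/nsg-web"}},
    {"name": "data", "networkSecurityGroup": null},
    {"name": "GatewaySubnet", "networkSecurityGroup": null}
  ]}
]"""

# Constructed sample shaped like `az network nsg list -o json` output.
NSGS_JSON = """[
  {"name": "nsg-web", "securityRules": [
    {"name": "allow-https", "access": "Allow", "direction": "Inbound",
     "sourceAddressPrefix": "10.0.0.0/8", "destinationPortRange": "443"},
    {"name": "allow-ssh-any", "access": "Allow", "direction": "Inbound",
     "sourceAddressPrefix": "*", "destinationPortRange": "22"}
  ]}
]"""

# Assumption: platform-managed subnets that are not expected to carry an NSG.
EXEMPT_SUBNETS = {"GatewaySubnet", "AzureFirewallSubnet"}
# Source values that mean "anywhere", i.e. not a trusted source.
ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}

def subnets_without_nsg(vnets):
    """Return 'vnet/subnet' for each non-exempt subnet with no NSG attached."""
    return [f"{v['name']}/{s['name']}"
            for v in vnets for s in v.get("subnets") or []
            if s["name"] not in EXEMPT_SUBNETS and not s.get("networkSecurityGroup")]

def open_inbound_rules(nsgs):
    """Return (nsg, rule, port) for inbound Allow rules open to any source."""
    findings = []
    for nsg in nsgs:
        for r in nsg.get("securityRules") or []:
            sources = [r.get("sourceAddressPrefix") or ""] + (r.get("sourceAddressPrefixes") or [])
            if (r.get("access") == "Allow" and r.get("direction") == "Inbound"
                    and any(s.lower() in ANY_SOURCE for s in sources)):
                findings.append((nsg["name"], r["name"], r.get("destinationPortRange")))
    return findings

if __name__ == "__main__":
    for item in subnets_without_nsg(json.loads(VNETS_JSON)):
        print("no NSG:", item)
    for nsg, rule, port in open_inbound_rules(json.loads(NSGS_JSON)):
        print(f"any-source inbound allow: {nsg}/{rule} port {port}")
```

To run it against a real subscription, replace the two constructed strings with the saved output of the two `az` commands.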
