Azure Virtual Network

Network Gateways In Use

Risk Level: Low

Description: 

This plugin ensures that Virtual Networks use subnets and network security groups instead of virtual network gateways. To satisfy your organization's security and compliance needs, use subnets and network security groups to govern network traffic rather than virtual network gateways.

PingSafe strongly recommends configuring subnets and network security groups instead of virtual network gateways.

About the Service :

The Azure Virtual Network (VNet) is the most basic component of your Azure private network. VNet enables many types of Azure resources, such as Azure Virtual Machines (VM), to connect securely with one another, the internet, and on-premises networks.

Impact : 

To satisfy your organization's security and compliance needs, use subnets and network security groups to govern network traffic rather than virtual network gateways.

Steps to reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as Virtual Network and click Apply.
  4. Next, select the virtual network that you want to examine.
  5. Click on Network Manager under Settings.
  6. Check if there are network gateway connections or not.
  7. Now, check if there are subnets in the Subnets settings.
  8. Virtual Networks should use subnets and network security groups instead of virtual network gateways.
  9. Repeat the same steps for other virtual networks as well.
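
The same check can be run across every virtual network at once from exported inventory. The script below is an added example, not PingSafe's plugin code: it assumes JSON shaped like the output of `az network vnet list` and `az network vnet-gateway list`, runs on constructed sample data, and uses a pass rule (no gateway, at least one subnet, every subnet has an NSG) that is one reading of the check described above.

```python
import json

# Constructed sample data, shaped like the JSON printed by `az network vnet list`
# and `az network vnet-gateway list -g <resource-group>` (placeholder subscription ID).
NET = ("/subscriptions/00000000-0000-0000-0000-000000000000"
       "/resourceGroups/rg-demo/providers/Microsoft.Network")
NSG = {"id": NET + "/networkSecurityGroups/nsg-demo"}

def sample_vnet(name, *subnets):
    vid = f"{NET}/virtualNetworks/{name}"
    return {"name": name, "id": vid, "subnets": [
        {"name": s, "id": f"{vid}/subnets/{s}", "networkSecurityGroup": nsg}
        for s, nsg in subnets]}

VNETS_JSON = json.dumps([
    sample_vnet("vnet-hub", ("GatewaySubnet", None), ("app", NSG)),
    sample_vnet("vnet-spoke", ("web", NSG), ("db", None)),
    sample_vnet("vnet-ok", ("web", NSG)),
    sample_vnet("vnet-empty"),
])
# The gateway's subnet ID is lower-cased on purpose: resource IDs compare case-insensitively.
GATEWAYS_JSON = json.dumps([{"name": "vgw-hub", "ipConfigurations": [
    {"subnet": {"id": (NET + "/virtualNetworks/vnet-hub/subnets/GatewaySubnet").lower()}}]}])

def audit(vnets, gateways):
    """Return one finding per VNet: attached gateways, subnets, subnets lacking an NSG."""
    gw_by_vnet = {}
    for gw in gateways:
        for cfg in gw.get("ipConfigurations") or []:
            subnet_id = (cfg.get("subnet") or {}).get("id")
            if subnet_id:  # a gateway lives in a subnet of the VNet it serves
                vnet_id = subnet_id.lower().rsplit("/subnets/", 1)[0]
                gw_by_vnet.setdefault(vnet_id, set()).add(gw["name"])
    findings = []
    for v in vnets:
        subnets = v.get("subnets") or []
        gws = sorted(gw_by_vnet.get(v["id"].lower(), ()))
        # GatewaySubnet is skipped: it exists only to host a gateway, which is reported above.
        no_nsg = [s["name"] for s in subnets
                  if s["name"] != "GatewaySubnet" and not s.get("networkSecurityGroup")]
        findings.append({"vnet": v["name"], "gateways": gws, "has_subnets": bool(subnets),
                         "subnets_without_nsg": no_nsg,
                         "passes": not gws and bool(subnets) and not no_nsg})
    return findings

if __name__ == "__main__":
    for f in audit(json.loads(VNETS_JSON), json.loads(GATEWAYS_JSON)):
        print(f)
```

To run it against a real subscription, replace the two constructed JSON strings with the saved output of the two `az` commands named in the comments.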

Steps for remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as Virtual Network and click Apply.
  4. Next, select the virtual network that you want to examine.
  5. Click on Network Manager under Settings.
  6. Check if there are network gateway connections or not.
  7. Virtual Networks should use subnets and network security groups instead of virtual network gateways.
  8. If the virtual network is using a network gateway, select it and click on Delete.
  9. Repeat the same steps for other virtual networks as well.

References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support