Network Security Group

Network Watcher Disabled

Risk Level: Low

Description: 

This plugin ensures that Network Watcher is enabled in all locations. Network Watcher aids in the discovery, diagnosis, and analysis of Azure networks. By enabling Network Watcher in every location, you can ensure that no resources are being used in places where they aren't supposed to be.

PingSafe strongly recommends enabling the Network Watcher service in all locations.

About the Service :

In an Azure virtual network, a network security group may be used to restrict network traffic to and from Azure resources. A network security group is a collection of security rules that allow or disallow incoming and outgoing network traffic to and from various Azure services. Source and destination, port, and protocol can all be specified for each rule.

Impact : 

By enabling Network Watcher in every location, you can ensure that no resources are being used in places where they aren't supposed to be.

Steps to reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Network Watcher.
  3. Click on the Network Watcher that you want to examine. 
  4. We can clearly see that the Network Watcher is not enabled.
  5. Follow the same steps for other Network Watchers as well.

Steps for remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Network Watcher.
  3. Click on the Network Watcher that you want to examine. 
  4. We can clearly see that the Network Watcher is not enabled.
  5. Next, click on Add and then add the region and click Add.
  6. Now we have a Network Watcher enabled for the region we selected.
  7. Follow the same steps for other Network Watchers as well.
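
The per-region check in the steps above can also be run over exported data instead of clicking through each region. The following is an added example, not PingSafe's plugin code. It assumes JSON in the shape produced by `az account list-locations`, `az network watcher list` and `az resource list`; the sample records and the function names are constructed for illustration.

```python
import json

# Constructed sample data, trimmed to the fields used here, in the shape of
# `az account list-locations -o json`, `az network watcher list -o json`
# and `az resource list -o json`.
LOCATIONS = json.loads("""[
  {"name": "eastus", "metadata": {"regionType": "Physical"}},
  {"name": "westeurope", "metadata": {"regionType": "Physical"}},
  {"name": "southeastasia", "metadata": {"regionType": "Physical"}},
  {"name": "europe", "metadata": {"regionType": "Logical"}}
]""")
WATCHERS = json.loads("""[
  {"name": "NetworkWatcher_eastus", "location": "eastus",
   "provisioningState": "Succeeded"},
  {"name": "NetworkWatcher_westeurope", "location": "West Europe",
   "provisioningState": "Failed"}
]""")
RESOURCES = json.loads("""[
  {"name": "vm-app-01", "location": "eastus"},
  {"name": "vnet-test", "location": "southeastasia"}
]""")


def norm(location):
    """Map 'West Europe' and 'westeurope' to the same key."""
    return (location or "").replace(" ", "").lower()


def audit_network_watcher(locations, watchers, resources):
    """Return one finding per physical region without a healthy watcher."""
    # Logical regions (geography groupings) cannot host a Network Watcher.
    physical = {norm(loc["name"]) for loc in locations
                if loc.get("metadata", {}).get("regionType") == "Physical"}
    state = {norm(w["location"]): w.get("provisioningState") for w in watchers}
    in_use = {norm(r["location"]) for r in resources}
    findings = []
    for region in sorted(physical):
        if state.get(region) == "Succeeded":
            continue  # watcher present and provisioned
        findings.append({
            "region": region,
            "watcher_state": state.get(region, "missing"),
            # Regions that already host resources are the ones to fix first.
            "hosts_resources": region in in_use,
        })
    return findings


if __name__ == "__main__":
    for finding in audit_network_watcher(LOCATIONS, WATCHERS, RESOURCES):
        print(finding)
```

A region reported here can be enabled from the portal as described above, or with `az network watcher configure --locations <region> --enabled true --resource-group <resource-group>`.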

References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support