Ensure that the IP Forwarding feature available for your Microsoft Azure virtual machines (VMs) is monitored by the Azure Security Center service for security and compliance purposes.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure.
Enabling IP forwarding on a virtual machine's network interface (NIC) allows the machine to act as a router and receive traffic addressed to other destinations. IP forwarding is rarely required (one legitimate case is a virtual machine used as a network virtual appliance), so the feature should be monitored, allowing your network security team to audit every VM on which it is enabled.
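The NIC setting described above can also be reviewed directly from an inventory export. The following Python code is an added example, not part of the Cloud Conformity rule: it takes JSON shaped like `az network nic list -o json` output and classifies every forwarding-enabled NIC against an allow-list of approved appliances. The sample data, the `APPROVED_NVAS` allow-list and the function names are constructed for illustration.

```python
import json

SUB = "00000000-0000-0000-0000-000000000000"  # constructed placeholder subscription


def vm_ref(name, rg="rg-demo"):
    """Build a constructed virtualMachine reference as it appears on a NIC."""
    return {"id": f"/subscriptions/{SUB}/resourceGroups/{rg}/providers/"
                  f"Microsoft.Compute/virtualMachines/{name}"}


# Constructed sample shaped like trimmed `az network nic list -o json` output.
# Assumption: the flag is spelled enableIpForwarding or enableIPForwarding
# depending on the CLI version, so both spellings are read.
SAMPLE_NIC_LIST = json.dumps([
    {"name": "nic-web-01", "enableIpForwarding": False, "virtualMachine": vm_ref("vm-web-01")},
    {"name": "nic-fw-01", "enableIpForwarding": True, "virtualMachine": vm_ref("vm-fw-01")},
    {"name": "nic-app-02", "enableIPForwarding": True, "virtualMachine": vm_ref("vm-app-02")},
    {"name": "nic-old-03", "enableIpForwarding": True, "virtualMachine": None},
])

# Hypothetical allow-list: VMs approved to route traffic (network virtual appliances).
APPROVED_NVAS = {"vm-fw-01"}


def forwarding_enabled(nic):
    """True if either spelling of the flag is set; a missing key means disabled."""
    return bool(nic.get("enableIpForwarding") or nic.get("enableIPForwarding"))


def vm_name(nic):
    """Return the attached VM's name, or None for a NIC with no VM."""
    vm_id = (nic.get("virtualMachine") or {}).get("id", "")
    return vm_id.rsplit("/", 1)[-1] if vm_id else None


def audit(nic_json, approved=APPROVED_NVAS):
    """List forwarding-enabled NICs as approved, unapproved or orphaned."""
    allowed = {name.lower() for name in approved}  # Azure names are case-insensitive
    findings = []
    for nic in json.loads(nic_json):
        if not forwarding_enabled(nic):
            continue
        vm = vm_name(nic)
        if vm is None:
            status = "orphaned"      # forwarding left on a NIC with no VM attached
        elif vm.lower() in allowed:
            status = "approved"
        else:
            status = "unapproved"    # needs review by the network security team
        findings.append({"nic": nic["name"], "vm": vm, "status": status})
    return findings
```

To run it against a real subscription, pass the saved output of `az network nic list -o json` to `audit()` in place of `SAMPLE_NIC_LIST`.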
Audit
To determine if IP forwarding for virtual machines is continuously monitored using Microsoft Azure Security Center, perform the following operations:
Remediation / Resolution
To enable virtual machine IP forwarding monitoring using Microsoft Azure Security Center service, perform the following operations:
You are auditing:
Enable Virtual Machine IP Forwarding Monitoring
Risk level: Medium