Ensure that Next Generation Firewall (NGFW) monitoring is enabled within your Microsoft Azure cloud account so that Azure Security Center can assess whether the necessary network endpoints have a next generation firewall solution currently deployed. A Next Generation Firewall (NGFW) represents the third generation of firewall technology. It combines a traditional firewall with other network device filtering functionalities such as application firewalls using in-line Deep Packet Inspection (DPI), Intrusion Prevention Systems (IPSs), TLS/SSL encrypted traffic inspectors, website filtering, QoS/bandwidth management, antivirus and third-party identity management integration (e.g. LDAP, Active Directory, RADIUS). The goal of an NGFW is to cover more layers of the OSI model, improving the filtering of network traffic that depends on packet contents.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure.
A Next Generation Firewall (NGFW) extends Azure cloud network protection beyond network security groups. Once the "Next Generation Firewall Monitoring" feature is enabled, Azure Security Center will search for deployments where an NGFW is recommended.
Audit
To determine if Next Generation Firewall (NGFW) monitoring is enabled in the Azure Security Center settings, perform the following actions:
Remediation / Resolution
To enable Next Generation Firewall (NGFW) monitoring for your Microsoft Azure virtual machines (VMs), perform the following actions:
You are auditing:
Enable Next Generation Firewall (NGFW) Monitoring
Risk level: Medium