Azure_SecurityCenter_9

Ensure ASC Default policy setting Enable Next Generation Firewall(NGFW) Monitoring is not Disabled

Description

Enable next generation firewall recommendations for virtual machines.

Remediation

Perform the following in the Azure Console:

  1. Navigate to Azure Policy
  2. On Policy Overview blade, Click on Policy ASC Default (Subscription:Subscription_ID)
  3. On ASC Default blade, Click on Edit Assignments
  4. In section PARAMETERS , Set Enable Next Generation Firewall(NGFW) Monitoring to AuditIfNotExists or any other available value than Disabled
  5. Click Save

References:

  1. https://docs.microsoft.com/en-us/azure/security-center/security-center-policies 
  2. https://msdn.microsoft.com/en-us/library/mt704062.aspx
  3. https://msdn.microsoft.com/en-us/library/mt704063.aspx
  4. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
  5. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create
  6. https://docs.microsoft.com/en-us/azure/security-center/security-center-add-next-generation-firewall 

Service

Security Center

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!