Azure Network Security | Microsoft Community Hub

Forum Widgets

Latest Discussions

SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS
UPDATED, post-AMA: Here is the AMA recording in case you missed the live session. ************************************************************* Please join us in this Ask Me Anything session with the Azure Network Security CxE PM team. During this session, the Azure Network Security SME (Subject Matter Experts), will answer your questions on Azure Firewall, Azure Firewall Manager, Azure Web Application Firewall and Azure DDoS. This will be a great forum for our Public Community members to learn, interact and have their feedback listened to by the Azure Network Security team. Feel free to post your questions about Azure Network Security solution areas anytime in the comments before the event starts.The team will be answering questions during the live session, with priority given to the pre-submitted questions from the comments below. If you are new to Microsoft Tech-Community, please follow the sign-in instructions. To register for the upcoming live AMA Sep 26, 2023, visit aka.ms/SecurityCommunity. Mohit_KumarandrewmathuSaleemBseeu davidfrazeeShabazShaiktobiotoloringusmodena
Valon_Kolica
Microsoft
Aug 29, 2023
Azure DDoS Protection
Azure Firewall
Azure Firewall Manager
azure network security
Azure WAF
7.6KViews
0likes
21Comments
Webinar Questions
Hi Folks, The Q&A feature on our webinar is having some technical difficulties right now. Feel free to ask your questions here. We are monitoring in real time. You can reply to this post, or you can create a new post. Thanks!
Ryan Heffernan
Microsoft
May 04, 2021
5KViews
4likes
11Comments
Logic app search replace function usage example?
Can someone please give me an example function for search and replace? I'm using html in the sentinel 'add comments' operator and I'm seeing lots of \n characters. I want to remove them all so they don't write line feeds to the output and mess up my html markup. Thank you.
Solved
SocInABox
Iron Contributor
Dec 15, 2021
14KViews
0likes
7Comments
Suggestions for Network Security Blog Content
Please use this thread as a place to suggest topics we can write about on our blog. These could be deep dives on particular features, how-to guides for implementing certain architectures, or any other network security concept. Thanks in advance!
Anthony_Roman
Iron Contributor
Sep 08, 2020
azure network security
2KViews
4likes
5Comments
How does Microsoft Azure ensure Secured Data Migration to the Cloud?
Many organizations, especially those dealing with sprawls of unstructured personal and sensitive data, have preconceived notions and fears about moving their data to the Cloud, in general. But, once they are a part of the Microsoft Trusted Cloud, organizations can rely on Azure for best-in-class security, reliability, compliance, privacy, and a vast ecosystem of trusted people, partners, and processes to support their customers moving to the Cloud. Microsoft Azure is the only cloud provider that offers a secure and consistent platform for companies to work with the Cloud without requiring high-level skill sets to handle the cloud complexities. Microsoft Azure provides various integrated data services and analytics tools to unlock the intelligence hidden in the data. They provide open frameworks and tools with a choice for integrating Azure cloud services with any infrastructure, cloud, or on-premises.
AashimaSharma
Copper Contributor
Dec 15, 2023
azure network security
619Views
0likes
2Comments
WAF v2 and use of Lets Encrypt wildcard
Hello All, I´m using WAF v2 and one of my listeners uses Port 443 and multi-site domain. I´ve generated a SSL WildCard for this domain using Let´s Encrypt. When I put WAF in front of this specific site/domain, I receive an error as following The connection for this site is not secure homolog-icg.icgti.com.bruses an unsupported protocol ERR_SSL_VERSION_OR_CIPHER_MISMATCH. My SSL Policy is as following: Min protocol version TLSv1_2 Cipher suites TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 I have other websites with other SSL WildCard certificate (paid-not free) in the same backend pool but a different Listener and the error doesn´t happen with them also. I would suspect that could be the SSL configuration in the server machine, but if other websites are working fine, my guess should be the certificate that not allow the type of cyphers I have in my SSL Policy. Is this make any sense? Anyone have tried something similar scenario? Thanks Mirella
Solved
mpellizzon
Copper Contributor
Apr 11, 2023
2.4KViews
1like
2Comments
Azure Firewall Public IP and DDoS protection
Hi, We have a zero trust network setup where we use Azure Firewall Standard Edition with hub/spoke model, there is mandatory requirement to assign few Public IP addresses to the firewall, we have included these assigned public IP addresses to a DDoS plan as well. There is no ingress in this environment (It is backend message processing system which does not need any internet / frontend web APIs). As we are running this in production, we see many DDoS mitigation alerts on firewall Public IPs. We are thinking of reducing cost and removing DDoS protection plan because only resources that are the plan are firewall's public IP addresses, hence the questions are: 1. how the azure firewall will behave if assigned public IPs are not included in DDoS protection plan? 2. Do azure firewall internally have bult in mechanism to defend against DDoS attacks on its public IPs 3. Is there standard recommendation that when Azure firewall is deployed, customers also must use DDoS plan?
sachip-msft
Microsoft
Dec 06, 2022
4.1KViews
0likes
2Comments
not able to see Diagnostic Setting option under monitoring for Load balancer to collect log data
hi all , i am not seeing that option to collect and ingest data in to log analytic workspace. please help Diagnostic settings option is not there , how to ingest data in that case like i was bale to see that option in Application gateway , but not in load balancer
Solved
Victor1989
Copper Contributor
Sep 21, 2022
Azure Application Gateway
Azure Firewall
Azure WAF
microsoft sentinel
1.1KViews
0likes
2Comments
Limit of WAF Exclusion
Hi,@camilamartins@tobiotolorin, All, Based on the Link,https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits#application-gateway-limitsthere is a limit of 40 exclusions per Application Gateway. But does it apply to the URI-based WAF policy as well? To explain more, we've 10+ applications Passing via application Gateway. The idea is to have a separate WAF policy for each application with Fine-tuning. We expect at least 10+ in each WAF policy (Applied at URI) does it add up to the application gateway, or if the limit applies to the policy set at the application gateway level? Appreciate your inputs !
CyberSec
Copper Contributor
Sep 09, 2022
3.1KViews
0likes
2Comments
Priority of WAF rule
Hicamilamartins tobiotolorin, Thank you for your excellent work in the WAF blog and sessions. I have questions regarding custom rules, In Prevention mode, I know if a request matches the custom rules, then it does not check for Managed rules. Is it the same behaviour for the Detention Mode as well? or does it match the custom rule, But still check for other rules? Appreciate your inputs!
CyberSec
Copper Contributor
Aug 25, 2022
1.4KViews
0likes
2Comments

Resources

Tags

Share