Receive Email Notification when new IDPS rules get Created via Logic Apps - Microsoft Tech Community
Azure Firewall Premium provides advanced threat protection capabilities to meet the needs of highly sensitive and regulated environments. One of these capabilities is IDPS, a network intrusion detection and prevention system that allows you to monitor network activities for malicious activity, and optionally block the activity from occurring.

This capability is signature-based and detects attacks by looking for specific patterns, such as byte sequences in network traffic, or known malicious intrusion sequences used by malware for both application and network level traffic (Layers 3-7) in inbound, spoke-spoke, and outbound traffic. Currently, there are over 58,000 rules in over 50 categories, including malware command and control, phishing, trojan, botnets, SCADA network protocols, and more. The signatures are fully managed and continuously updated by Microsoft, with around 20-40+ new rules being released each day.

A common request from customers is to receive notifications when there are new updates or additions to the signatures, which can now be automated through a Logic App using the Firewall Policy IDPS signatures REST API. The remainder of this blog will guide you on how to deploy the Logic App to receive notifications about any signature updates daily.
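To make the daily notification concrete, here is an added Python example (not part of the original post and not the Logic App's own logic) that compares two daily snapshots of the signature list and builds the notification text. It assumes each snapshot is a JSON object with a `signatures` array whose entries carry `signatureId`, `group`, `severity`, `mode`, `direction`, `description` and `lastUpdated`; the snapshot-diff approach and all sample values are constructed for illustration.

```python
from collections import Counter

# Fields compared to decide that an existing signature was modified (assumed names).
TRACKED = ("mode", "severity", "direction", "group", "description", "lastUpdated")

def index_by_id(response):
    """Map signatureId -> signature dict for one snapshot of the signature list."""
    return {s["signatureId"]: s for s in response.get("signatures", [])}

def diff_signatures(previous, current):
    """Return (added, changed, removed) between two daily snapshots."""
    old, new = index_by_id(previous), index_by_id(current)
    added = [new[i] for i in sorted(new.keys() - old.keys())]
    removed = [old[i] for i in sorted(old.keys() - new.keys())]
    changed = []
    for sid in sorted(new.keys() & old.keys()):
        fields = [f for f in TRACKED if old[sid].get(f) != new[sid].get(f)]
        if fields:
            changed.append((new[sid], fields))
    return added, changed, removed

def render_email(added, changed, removed):
    """Build a plain-text notification body; return None when nothing changed."""
    if not (added or changed or removed):
        return None
    lines = [f"IDPS signature update: {len(added)} new, {len(changed)} changed, {len(removed)} removed"]
    for group, n in sorted(Counter(s.get("group", "unknown") for s in added).items()):
        lines.append(f"  new in {group}: {n}")
    for s in added:
        lines.append(f"  + {s['signatureId']} [{s.get('group')}] {s.get('description')}")
    for s, fields in changed:
        lines.append(f"  ~ {s['signatureId']} changed: {', '.join(fields)}")
    for s in removed:
        lines.append(f"  - {s['signatureId']} {s.get('description')}")
    return "\n".join(lines)

# Constructed sample snapshots (not real signature data).
YESTERDAY = {"signatures": [
    {"signatureId": 1000001, "group": "Malware", "severity": 1, "mode": 1, "description": "constructed sample A", "lastUpdated": "day-1"},
    {"signatureId": 1000002, "group": "Phishing", "severity": 2, "mode": 1, "description": "constructed sample B", "lastUpdated": "day-1"},
]}
TODAY = {"signatures": [
    {"signatureId": 1000001, "group": "Malware", "severity": 1, "mode": 1, "description": "constructed sample A", "lastUpdated": "day-1"},
    {"signatureId": 1000002, "group": "Phishing", "severity": 1, "mode": 1, "description": "constructed sample B", "lastUpdated": "day-2"},
    {"signatureId": 1000003, "group": "Botnet", "severity": 1, "mode": 1, "description": "constructed sample C", "lastUpdated": "day-2"},
]}

if __name__ == "__main__":
    print(render_email(*diff_signatures(YESTERDAY, TODAY)))
```

Reporting changed and removed signatures alongside new ones matters for change review, since a severity or mode change on an existing rule alters what the firewall alerts on or blocks without adding a new signature ID.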