microsoft sentinel
5 Topics

Share Your Expertise: Help Shape Our Network Practitioner Community
Hello Azure network practitioners, We’re working on refining our understanding of network practitioner personas and building stronger community engagement strategies for networking practitioners. Your insights as an MVP are invaluable to this effort. Could you take a few minutes to complete this short survey? Your feedback will directly influence how we design future programs and resources for the community. 👉 https://forms.office.com/r/dfgXxNwQd9 Thank you for helping us make the Azure networking community even better!
Best regards,
Dan
Product Marketing Manager, Identity & Network Access Growth
18 Views, 0 likes, 0 Comments

New Blog | Enhancing Your Azure Security: Azure DDoS Sentinel Solution and WAF Playbook Integration
In today's digital landscape, the rise of complex cyber threats poses a significant challenge for businesses relying on cloud-based services. Specifically, Distributed Denial of Service (DDoS) attacks are now often being used as a diversion in multi-layer attacks. To safeguard their applications and ensure uninterrupted service availability, organizations must deploy robust security solutions. Microsoft Azure offers powerful security solutions - Azure DDoS Protection, Azure Web Application Firewall (WAF) and Microsoft Sentinel - to help you proactively defend your assets against such attacks. In this blog, we will explore how to integrate the Azure DDoS Sentinel Solution with the Azure WAF Playbook to enable a powerful automated detection and response system. By combining these two solutions, you can ensure a secure and uninterrupted experience for users, protect your services, and minimize the risk of DDoS attacks.
Read the full blog: Enhancing Your Azure Security: Azure DDoS Sentinel Solution and WAF Playbook Integration - Microsoft Community Hub
900 Views, 0 likes, 0 Comments

not able to see Diagnostic Setting option under monitoring for Load balancer to collect log data
Hi all, I am not seeing that option to collect and ingest data into Log Analytics workspace. Please help. Diagnostic settings option is not there, how to ingest data in that case? Like, I was able to see that option in Application Gateway, but not in Load Balancer.
Solved
1.2K Views, 0 likes, 2 Comments

New Azure Network Security and Azure Sentinel Blog Posts | Integrating Azure Sentinel/Azure Firewall
We’re excited to announce a seamless integration between Azure Firewall and Azure Sentinel. Now, you can get detection, prevention and response automation in the form of an easy-to-deploy Azure Firewall solution for Azure Sentinel. Combining these capabilities allows you to ensure that you prevent sophisticated threats when you can, while also maintaining an “assume breach” mentality to detect and quickly/automatically respond to cyberattacks. The Azure Firewall Solution for Azure Sentinel is now available. Please see the security community blog to learn about the new threat detections, hunting queries and automation for Azure Firewall that are included in this new solution <Optimize security with Azure Firewall solution for Azure Sentinel - Microsoft Security>. The automation capability for Azure Firewall with Azure Sentinel is provided with the new Logic App Connector and Playbook Templates. With this integration, you can automate response in Azure Firewall to Azure Sentinel incidents which contain IP addresses (IP entity). The new Connector and Playbook templates allow security teams to get threat detection alerts directly in a Microsoft Teams Channel when one of the Playbooks attached to an Automation Rule triggers based on a Sentinel detection rule. Security incident response teams can then triage and perform one-click response and remediation in Azure Firewall to block or allow IP address sources and destinations based on these alerts. To learn more about deploying, configuring and using the automation for Azure Firewall with the new Custom Logic App connector and Playbooks, please review the instructions in the blog here <Automated Detection and Response for Azure Firewall with the New Logic App Connector and Playbooks (microsoft.com)>.
Original Post: New Azure Network Security and Azure Sentinel Blog Posts | Integrating Azure Sentinel/Azure Firewall - Microsoft Tech Community
1.1K Views, 2 likes, 0 Comments

New Blog Post | New Detections for Azure Firewall in Azure Sentinel
New Detections for Azure Firewall in Azure Sentinel (microsoft.com)
Readers of this post will hopefully be familiar with both Azure Firewall, which provides protection against network-based threats, and Azure Sentinel, which provides SIEM and SOAR (security orchestration, automation, and response) capabilities. In this blog, we will discuss the new detections for Azure Firewall in Azure Sentinel. These new detections allow security teams to get Sentinel alerts if machines on the internal network attempt to query/connect to domain names or IP addresses on the internet that are associated with known IOCs, as defined in the detection rule query. True positive detections should be considered as Indicators of Compromise (IOC). Security incident response teams can then perform response and appropriate remediation actions based on these detection signals.
929 Views, 0 likes, 0 Comments