CloudNetDraw – Instantly generate Azure network diagrams
Hi everyone, I wanted to share a tool I’ve built that might help some of you who regularly document or review Azure network topologies. CloudNetDraw is a free tool that generates Azure network diagrams (HLD and MLD) directly from your environment. It supports both user login and service principals — or you can self-host it. What it does: Visualizes hub and spoke topology Shows all subnets with CIDRs Highlights NSG and UDR presence Exports editable Draw.io files Hosted version available, or deploy it yourself Open source on GitHub Try it here: https://www.cloudnetdraw.com GitHub repo: https://github.com/krhatland/cloudnet-draw Privacy & Security: CloudNetDraw does not collect any information about your network resources or environment. Drawings are generated in memory and deleted immediately after use. We do not store, access, or analyze your topology data. Would love to hear your thoughts or suggestions! Thanks, Kristoffer
Network Monitoring
Hi, I recently applied Network Security Groups on Virtual Networks (NSG). Now my question is, is it possible to monitor / record the network traffic? For example, I've configured many rules on the NSG, now a application on a Server won't work and my first guess is the NSG is blocking the communication. How do I see now which port the application is using so I can set a new rule to the NSG? I know when you already know the port you can check it in Network Watcher "IP flow verify and NSG diagnostics" as a whatif state. Traffic Analytics isn't the right answer too or am I seeing it wrong? Vnet Flow Logs should be the right thing. I configured it, applied traffic analytics and a account storage. Applied it for testing on a nic but I don't see anything practical for my use? The only thing Iwish is to see live or logged the traffic if the NSG blocked anything and troubleshoot.MS Guidance on NSGs on NICs vs on Subnets
I'm looking for any MS best practices around NSGs on network cards and I can't seem to find any. I've found the NSG best practices but I haven't found any on if it's best practice to have NSGs on just the subnet or the subnet and the NIC. I'm leaning toward just the subnet. Thoughts? Here is what I've found so far https://docs.microsoft.com/en-us/azure/security/fundamentals/network-best-practicesMS Guidance on NSGs on NICs vs on Subnets
I'm looking for any MS best practices around NSGs on network cards and I can't seem to find any. I've found the NSG best practices but I haven't found any on if it's best practice to have NSGs on just the subnet or the subnet and the NIC. I'm leaning toward just the subnet. Thoughts? Here is what I've found so far https://docs.microsoft.com/en-us/azure/security/fundamentals/network-best-practices
