Azure Network Security Group Monitoring
Azure Network Security Group is a networking service that allows you to filter network traffic to and from Azure resources within a virtual network.
With Site24x7's integration, you can now monitor your Azure Network Security Group, configure thresholds, and receive alerts about critical issues. Site24x7 provides dashboard visualization and alerting capabilities for key metrics like Total Custom Security Rules, Total Subnets, and Total Network Interfaces.
Setup and configuration
You can add Azure Network Security Group while adding a new monitor or you can add it to an existing Azure monitor. Follow these steps to add the service.
Monitored metrics
These metrics are collected and monitored by Site24x7. They are displayed as dashboards and support threshold-based alerting.
| Tab | Metric name | Description | Statistic | Unit |
|---|---|---|---|---|
| Performance | Total Custom Security Rules | The total number of custom security rules in the network security group | Total | Count |
| Total Subnets | The total number of subnets associated with the network security group | Total | Count |
Configuration data
This data provides information about the configuration of your Network Security Group and its associated resources. It is displayed in the Summary tab.
| Tab | Data name | Description |
|---|---|---|
| Custom Security Rules | Name | The name of the security rule |
| Direction | The direction of traffic (inbound or outbound) | |
| Priority | The priority of the rule (lower numbers have higher priority) | |
| Port | The port or port range that the rule applies to | |
| Protocol | The network protocol this rule applies to (TCP, UDP, ICMP, etc.) | |
| Source | The source IP address or CIDR block | |
| Destination | The destination IP address or CIDR block | |
| Action | The action to take (Allow or Deny) | |
| Default Security Rules | Name | The name of the default security rule |
| Direction | The direction of traffic (inbound or outbound) | |
| Priority | The priority of the rule (lower numbers have higher priority) | |
| Port | The port or port range that the rule applies to | |
| Protocol | The network protocol this rule applies to (TCP, UDP, ICMP, etc.) | |
| Source | The source IP address or CIDR block | |
| Destination | The destination IP address or CIDR block | |
| Action | The action to take (Allow or Deny) | |
| Subnets | Virtual Network | The virtual network to which the subnet belongs |
| Subnet | The name of the subnet associated with the network security group | |
| Network Interfaces | Total Network Interfaces | The total number of network interfaces associated with the network security group |
Threshold configuration
Global configuration
- In the Site24x7 web client, go to the Admin section on the left navigation pane.
- Select Configuration Profiles from the left pane and select the Threshold and Availability (+) tab from the drop-down menu.
- Click Add Threshold Profile in the top-right corner.
- For Monitor Type, select Azure Network Security Group.
You can now set the threshold values for the metrics that support threshold-based alerting:
- Total Custom Security Rules - Set thresholds to be notified when the number of rules approaches your Azure subscription limits
- Total Subnets - Monitor for unexpected changes in the number of associated subnets
Monitor-level configuration
- In the Site24x7 web client, go to Cloud > Azure and select Azure Network Security Group from the drop-down menu.
- Choose a resource you would like to set a threshold for, then click the hamburger icon
. - Select Edit, which directs you to the Edit Azure Network Security Group Monitor page.
- You can set the threshold values for the metrics by selecting Threshold and Availability.
You can also configure IT Automation at the attribute level.
IT Automation
Site24x7 offers a set of exclusive IT Automation tools that automatically resolve performance degradation issues. These tools react to events proactively rather than waiting for manual intervention.
How to configure IT Automation for a monitor
Configuration Rules
With Site24x7's Configuration Rules, you can set parameters like Threshold Profile, Notification Profile, Tags, and Monitor Group for multiple monitors.
How to add a Configuration Rule
Dependency View
The Dependency View provides a visual representation of how the Network Security Group is linked to other Azure resources. This view helps you understand the security configuration and identify potential vulnerabilities or issues in your network security setup.
The view shows:
- How the Network Security Group is connected to virtual networks and subnets
- The relationship between Network Security Group and network interfaces
- Connections to other Azure resources such as virtual machines, application gateways, and load balancers
- Security rule flow patterns based on the defined rules
This visualization helps in troubleshooting network security issues and optimizing your security configuration for better protection and compliance.