Aqua CSPM

Monitor NSG Enabled

Quick Info

Plugin TitleMonitor NSG Enabled
CloudAZURE
CategorySecurity Center
DescriptionEnsures Network Security Groups monitoring is enabled in Security Center
More InfoWhen this setting is enabled, Security Center will audit the Network Security Groups that are enabled on the VM for permissive rules.
AZURE Linkhttps://docs.microsoft.com/en-us/azure/security-center/security-center-policy-definitions
Recommended ActionEnsure Network Security Group monitoring is configured from the Azure Security Center.

Detailed Remediation Steps

  1. Log into the Microsoft Azure Management Console.
  2. Select the “Search resources, services, and docs” option at the top and search for Security Center.
  3. Scroll down the “Security Center” navigation panel and select the “Security policy” option under “POLICY & COMPLIANCE."
  4. On the “Policy Management” page under “Name” column select the “Subscription Name” that needs to be verified.
  5. On the “Security Policy” page scroll down the “Network” section and check the “Monitor network security groups” setting status. If it’s set to “Disabled” then “Monitor network security groups” is not enabled on the selected “Subscription."
  6. Repeat steps number 2 - 5 to check other “Subscriptions” under the “Security Center.“
  7. Navigate to the “Security Center”, select the “Security policy” and under “Policy Management” seelct the “Subscription” that needs to enable the “Monitor network security groups setting."
  8. Select the “Subscription” link under the “Security policy” at the top to get into the configuration settings.
  9. Scroll down the page and under “Parameter” choose the “Monitor network security groups” and select the “AuditIfNotExists” option from the dropdown menu and click on the “Save” button at the bottom to make the necessary changes.
  10. Repeat steps number 7 - 9 to ensure Network Security Group monitoring is configured from the Azure Security Center.