Risk Level: High
Cloud Entity: Azure Application Gateway
CloudGuard Rule ID: D9.AZU.NET.18
Covered by Spectral: Yes
Category: Networking & Content Delivery

GSL LOGIC

ApplicationGateway should have firewall.enabled or regionalWAFPolicy.policySettings.state='Enabled'

REMEDIATION

From Portal

Navigate to the Application gateways
For each Application gateway:
Select Web application firewall from the menu
Make sure that Firewall Status is enabled and that tier is WAF.
Note: Choosing the WAF tier allows you to enable a web application firewall for enhanced security on your web applications. Changing from the WAF tier to the standard tier is not supported.

Azure Application Gateway

Azure Application Gateway gives you application-level routing and load balancing services that let you build a scalable and highly-available web front end in Azure. You control the size of the gateway and scale your deployment based on your needs.

Compliance Frameworks

Azure CSA CCM v.4.0.1
Azure CloudGuard Best Practices
Azure CloudGuard CheckUp
Azure HITRUST v9.5.0
Azure NIST 800-53 Rev 5
CloudGuard Azure All Rules Ruleset