Risk Level: Medium
Cloud Entity: Virtual Machine
CloudGuard Rule ID: D9.AZU.NET.VirtualMachine.UDP
Covered by Spectral: No
VirtualMachine where isPublic=true should not have nics contain [ networkSecurityGroup.inboundSecurityRules contain [protocol in ('UDP','All')] and networkSecurityGroup.inboundSecurityRules contain [ sourceAddressPrefixes contain [ '0.0.0.0/0' ] and destinationAddressPrefixes contain [ '0.0.0.0/0' ]] and networkSecurityGroup.inboundSecurityRules contain [ destinationPortRanges contain [destinationPort in($CloudGuard_Known_UDP_Ports) ] ] ]
- Go to 'Virtual machines' and choose the relevant VM
- Select 'Networking' under 'Settings' in the navigation menu
- Under 'Inbound port rules' examine for overly permissive rules
- Modify the rules accordingly to prevent public access to various UDP ports.
Please find additional information under references.
From Command Line
Inspect virtual machine NSG rules:
az network nsg show --name <NETWORK_SECURITY_GROUP> --resource-group <RESOURCE_GROUP>
Note: Additional command line methods for rule update or creation can be found under the references.
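To show what the rule logic above actually tests, and what to look for in the output of the `az network nsg show` command, here is an added example (not CloudGuard's code and not part of the original page) that evaluates NSG security rules in the JSON shape the az CLI returns. It applies the protocol, source and destination-port conditions to each rule individually, and only to inbound Allow rules; it does not require the destination prefix to be 0.0.0.0/0, since a rule with a narrower destination still exposes the VM. It also treats `*` and the `Internet` service tag as "any source", which is broader than the literal `0.0.0.0/0` in the rule text. The `KNOWN_UDP_PORTS` set is an assumed stand-in for the `$CloudGuard_Known_UDP_Ports` list parameter, whose contents are not shown on this page; the NSG document, the resource group name and the replacement source prefix are constructed values.

```python
import json

# Assumed stand-in for CloudGuard's $CloudGuard_Known_UDP_Ports list parameter
# (its contents are not on the rule page): commonly exposed UDP services.
KNOWN_UDP_PORTS = {53, 69, 123, 161, 500, 1900, 11211}

# Source prefixes that Azure resolves to "anyone on the internet".
ANY_SOURCE = {"0.0.0.0/0", "*", "internet"}


def is_any_source(prefix):
    """True when an NSG source prefix admits traffic from any public address."""
    return prefix.strip().lower() in ANY_SOURCE


def port_range_hits(port_range, ports):
    """Return the known ports covered by one NSG port range ('*', '53', '1000-2000')."""
    port_range = port_range.strip()
    if port_range == "*":
        return set(ports)
    lo, _, hi = port_range.partition("-")
    lo_i = int(lo)
    hi_i = int(hi) if hi else lo_i
    return {p for p in ports if lo_i <= p <= hi_i}


def _values(rule, singular, plural):
    """az CLI emits either the singular field or the plural list; merge both."""
    values = list(rule.get(plural) or [])
    if rule.get(singular):
        values.append(rule[singular])
    return values


def find_exposed_udp_rules(nsg, known_ports=KNOWN_UDP_PORTS):
    """Flag inbound Allow rules that open a known UDP port to any source."""
    findings = []
    for rule in nsg.get("securityRules", []):
        if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
            continue
        if rule.get("protocol", "").lower() not in ("udp", "*"):
            continue
        sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
        if not any(is_any_source(p) for p in sources):
            continue
        hit_ports = set()
        for pr in _values(rule, "destinationPortRange", "destinationPortRanges"):
            hit_ports |= port_range_hits(pr, known_ports)
        if hit_ports:
            findings.append({"rule": rule["name"],
                             "priority": rule["priority"],
                             "ports": sorted(hit_ports)})
    return findings


def remediation_command(nsg_name, resource_group, finding, allowed_source):
    """Suggested az command that narrows the flagged rule's source to a trusted prefix.
    The names and the prefix are supplied by the caller; review before running."""
    return (f"az network nsg rule update --resource-group {resource_group} "
            f"--nsg-name {nsg_name} --name {finding['rule']} "
            f"--source-address-prefixes {allowed_source}")


# Constructed sample in the shape of `az network nsg show` output (not real data).
SAMPLE_NSG = json.loads("""
{
  "name": "vm-nsg",
  "securityRules": [
    {"name": "allow-dns-any", "priority": 100, "direction": "Inbound", "access": "Allow",
     "protocol": "Udp", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [],
     "destinationAddressPrefix": "*", "destinationAddressPrefixes": [],
     "destinationPortRange": "53", "destinationPortRanges": []},
    {"name": "allow-all-office", "priority": 110, "direction": "Inbound", "access": "Allow",
     "protocol": "*", "sourceAddressPrefix": "203.0.113.0/24", "sourceAddressPrefixes": [],
     "destinationAddressPrefix": "*", "destinationAddressPrefixes": [],
     "destinationPortRange": "*", "destinationPortRanges": []},
    {"name": "allow-wide-udp", "priority": 120, "direction": "Inbound", "access": "Allow",
     "protocol": "Udp", "sourceAddressPrefix": null,
     "sourceAddressPrefixes": ["10.0.0.0/8", "0.0.0.0/0"],
     "destinationAddressPrefix": "*", "destinationAddressPrefixes": [],
     "destinationPortRange": null, "destinationPortRanges": ["1000-2000", "11211"]},
    {"name": "deny-ntp", "priority": 130, "direction": "Inbound", "access": "Deny",
     "protocol": "Udp", "sourceAddressPrefix": "Internet", "sourceAddressPrefixes": [],
     "destinationAddressPrefix": "*", "destinationAddressPrefixes": [],
     "destinationPortRange": "123", "destinationPortRanges": []}
  ]
}
""")

if __name__ == "__main__":
    for f in find_exposed_udp_rules(SAMPLE_NSG):
        print(f"{f['rule']} (priority {f['priority']}): UDP {f['ports']} open to any source")
        print("  ", remediation_command("vm-nsg", "rg-example", f, "203.0.113.0/24"))
```

On the sample, `allow-dns-any` (UDP 53 from `*`) and `allow-wide-udp` (the 1000-2000 range covers 1900, plus 11211, with `0.0.0.0/0` among its sources) are reported; `allow-all-office` is skipped because its source is a single trusted prefix, and `deny-ntp` because a Deny rule does not expose anything. To run it against a live NSG, replace `SAMPLE_NSG` with `json.load()` of the `az network nsg show` output.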
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that Azure offers. Typically, you choose a VM when you need more control over the computing environment than the other choices offer. This article gives you information about what you should consider before you create a VM, how you create it, and how you manage it.
- AZU PCI-DSS 4.0
- Azure CIS Foundations v. 1.5.0
- Azure CIS Foundations v.2.0
- Azure CSA CCM v.3.0.1
- Azure CSA CCM v.4.0.1
- Azure CloudGuard Best Practices
- Azure CloudGuard Network Security Alerts
- Azure CloudGuard SOC2 based on AICPA TSC 2017
- Azure GDPR Readiness
- Azure ISO 27001:2013
- Azure LGPD regulation
- Azure NIST 800-53 Rev 4
- Azure NIST CSF v1.1
- Azure New Zealand Information Security Manual (NZISM) v.3.4
- Azure PCI-DSS 3.2
- Azure Security Risk Management
- CloudGuard Azure All Rules Ruleset