Thoughts from the clouds
You might have heard about VNet Flow Logs, I posted about this new Azure feature here. One of the applications of VNet Flow Logs is to gain visibility into traffic in places that had been blind spots until now, such as in the Gateway Subnets to inspect traffic on VPN or ExpressRoute. Talking about ExpressRoute, … Continue reading ExpressRoute traffic visibility: Flow Logs or Traffic Collector?
You might have heard about the General Availability of Virtual Network Flow Logs in Azure, and even read the announcement blog post. When writing that post with Harsha CS I had the chance to play a bit with VNet Flow Logs and Traffic Analytics, and I would like to share some of the learnings. What … Continue reading VNet Flow Logs recipes
Update: as Srinivas describes in the comments, ingesting Flow Logs with Azure Data Explorer may lead to duplicate records. In every network you want to know what traffic is using it. Networking devices offer multiple options to report on traffic, such as Netflow, sFlow or IPFIX. However, these options are often not available in public … Continue reading Getting visibility into your Azure Traffic with NSG Flow Logs
Azure Traffic Analytics and NSG flow logs are one of Azure’s best kept secrets. In short, you can log every single network flow going through your Network Security Groups (NSGs), including the number of packets and its ingress/egress bandwidth. Traffic Analytics already makes a great job at showing interesting stuff: the scenarios documented in the … Continue reading Azure Traffic Analytics and Breach Detection
Cloudtrooper 