Stealth Rule In Azure VSec Policy
Hi Gang
I deployed an Azure Vsec Cluster and followed the SKs etc., and it's up and running fine. I'm starting to build out the policy and have run up against a problem.
Normally I would have the stealth rule as the 2nd or third rule, but when I try to allow NATed traffic through to resources on the inside, it is getting dropped by the stealth rule.
For example:
Number: 2774078
Date: 12Oct2017
Time: 13:10:55
Interface: eth0
Origin: 52.169.50.242
Type: Log
Action: Drop
Service: TCP-8088 (8088)
Source Port: 54326
Source: ext_host_95.44.141.143 (95.44.141.143)
Destination: azure-external-int-fw1 (10.10.50.10)
Protocol: tcp
Rule: 3
Rule UID: {4DC1865D-5CF9-4D2A-8B84-7CF435A7BAAE}
Rule Name: Stealth
Current Rule Number: 4-wr-dub-azure1-pol
Information: inzone: External
outzone: External
Product: Security Gateway/Management
Product Family: Network
Policy Info: Policy Name: wr-dub-azure1-pol
Created at: Tue Oct 10 10:43:16 2017
Installed from: irb-dub-mgmt1
Do I need to put the rule which allows this traffic above the Stealth Rule?
Will this mean that when I publish an app for the internet, I will have an any rule above the Stealth Rule?
I had a look for best practices regarding building out policies in Azure, but could find very little.
Could somebody please inform me of the best way to build out a fw policy in a CP Azure cluster?
Best regards
John