Azure VNet Flow Log Support Simplifies Detection of East/West Movement
by Patrick Bedwell
Netography Fusion recently added support for Microsoft Azure Virtual Network (VNet) flow logs, a new feature in Azure Network Watcher, making it easier for you to use Fusion to detect anomalous activity like East/West movement in your multi-cloud network.
Several of our customers asked us to add support for the new Azure feature, because previously the only way for Azure users to collect flow logs was to use Network Security Groups (NSGs). And, although both VNet flow logs and NSG flow logs record IP traffic, they’re not the same.
In a nutshell, VNet flow logs are a simpler way to monitor your Azure network activity because you can quickly automate the capture of all flow logs within your virtual network. NSGs, on the other hand, are more complex to set up and limit some Azure customers’ ability to monitor traffic because not all Azure services can pass traffic through an NSG.
Regardless of whether you’re a proud new member of Team VNet or a Team NSG OG, Netography Fusion gets you. Fusion supports both VNet flow log monitoring as well as NSG flow log monitoring for any of our customers who haven’t yet migrated.
And, if you aren’t yet a believer in the value of flow logs as the best ever way to monitor your multi-cloud network, what are you waiting for? To quote Microsoft: “Flow logs are the source of truth for all network activity in your cloud environment”.
Support for Azure VNet flow logs is just one of the ways we help you detect activity that should never happen in your network. Netography Fusion delivers orchestrated multi-cloud monitoring via context-enrich metadata without the burden of sensors, agents, or taps.
If you’re concerned about detecting lateral movement or data exfiltration in your multi-cloud network, see for yourself how we can put critical information at the fingertips of your SecOps, CloudOps, or NetOps teams.
For those customers with a significant number of Azure subscriptions or virtual networks, Netography has developed cloud onboarding automation using Terraform to assist you in enabling Azure VNet flow logs across an Azure tenant and onboarding to Fusion.