In Azure

If you have used  Virtual Machines in Azure like me and were finding it hard to diagnose networking issues, This is the news you’ve been waiting for. Microsoft released a bunch of new features to Azure that allows capturing and diagnosing virtual network packets and firewall (network security group) logs.

The new feature is in preview (some regions only, but they are rolling to more regions out quickly) and is called “Network Watcher“. it allows you to diagnose critical problem and gives you access to packet data from virtual machines.

Visualise Network Topology

You can view the connected endpoints to your network and visualise the complete network topology of your application.

azure-network-watcher-topology

Verify IP Flow

Using “IP flow verify” you can validate a flow (combination of source IP, destination IP, source port, destination port and protocol) is allowed or denied. You will also see which Network Security Group and security rule is allowing or denying the flow.

Packet capture

You can trigger a packet capture on virtual machines. Using advanced filtering using specific source IP, destination IP, source port or destination port. This feature is supported on Windows and Linux virtual machines.

Network Security Group Logs

You can enable logging of NSG flow data that is allowed or denied per NSG. The logged information includes timestamp, source IP, destination IP, source port, destination port and protocol, the NSG name and the security rule. You can also ingest and visualize these logs by Power BI.

Recent Posts

Leave a Comment

Contact Us

You can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt