Ensure that VPN Encryption is enabled for Azure Virtual WAN

MEDIUM

Description

VPN Encryption is disabled for Azure Virtual WAN. This can have an impact on the confidentiality of the data.

Remediation

The console UI doesn't have the same option to disable VPN encryption. However, if it is disabled in Terraform, follow the steps below to remediate.

In Terraform:

  1. In the azurerm_virtual_wan resource, set disable_vpn_encryption to false.
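
One way to catch this setting before apply, as an added example that is not part of this policy's own tooling: a Python check over the JSON produced by terraform show -json for a saved plan. The sample plan, module names and resource names below are constructed for illustration.

```python
import json

# Constructed sample: trimmed output of `terraform show -json <planfile>`.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_virtual_wan.hub", "type": "azurerm_virtual_wan",
     "values": {"name": "hub-wan", "disable_vpn_encryption": true}},
    {"address": "azurerm_resource_group.rg", "type": "azurerm_resource_group",
     "values": {"name": "rg-net"}}
  ],
  "child_modules": [
    {"address": "module.branch",
     "resources": [
       {"address": "module.branch.azurerm_virtual_wan.edge",
        "type": "azurerm_virtual_wan",
        "values": {"name": "edge-wan", "disable_vpn_encryption": false}}
     ],
     "child_modules": [
       {"address": "module.branch.module.site",
        "resources": [
          {"address": "module.branch.module.site.azurerm_virtual_wan.lab",
           "type": "azurerm_virtual_wan",
           "values": {"name": "lab-wan", "disable_vpn_encryption": true}}
        ]}
     ]}
  ]
}}}
""")

def walk_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)

def vpn_encryption_disabled(plan):
    """Return addresses of azurerm_virtual_wan resources with encryption disabled."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [
        res["address"]
        for res in walk_resources(root)
        if res.get("type") == "azurerm_virtual_wan"
        # Only an explicit true is flagged; an absent key is not treated as a finding.
        and res.get("values", {}).get("disable_vpn_encryption") is True
    ]

if __name__ == "__main__":
    for address in vpn_encryption_disabled(SAMPLE_PLAN):
        print(f"AC_AZURE_0354: {address} has disable_vpn_encryption = true")
```
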

References:
https://learn.microsoft.com/en-us/azure/virtual-wan/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_wan#disable_vpn_encryption

Policy Details

Rule Reference ID: AC_AZURE_0354
CSP: Azure
Remediation Available: Yes
Resource Category: Virtual Network
Resource Type: Virtual WAN

Frameworks