Ensure that Network Watcher is 'Enabled'

HIGH

Description

Description:

Enable Network Watcher for Azure subscriptions.

Rationale:

Network diagnostic and visualization tools available with Network Watcher help users understand, diagnose, and gain insights to the network in Azure.

Remediation

In Azure Console -

Open the Azure Portal and go to Network Watcher.
Under Logs, select NSG flow logs.
Select Create NSG flow log and step through the wizard prompts.
Note: it is recommended to use Version 2 for more detailed logs.

In Terraform -

For each azurerm_network_security_group resource, create and configure an azurerm_network_watcher_flow_log resource.

References:
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_watcher_flow_log

Policy Details

Rule Reference ID: AC_AZURE_0418

CSP: Azure

Remediation Available: Yes

Domain: Logging and Monitoring

Resource: azurerm_network_watcher_flow_log

Resource Category: Logging and Monitoring

Resource Type: Network Watcher

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
ISO-27001
SOC2