Trafficking in Insight –
Microsoft’s Traffic Analytics for Azure recently became generally available, and it’s shaping up to be a valuable addition to IT’s network monitoring capabilities.
The solution uses Network Watcher network security group (NSG) flow logs to create a comprehensive view of an organization’s traffic flows within Azure and to the broader internet. This also includes VNets, subnets, and Azure’s public cloud.
As in everything IT, knowledge is power. Accordingly, the broad, visual audit of traffic flow will be a boon for network optimization and efficiency. Traffic Analytics will reveal over-provisioned and under-utilized areas, helping right-size deployments and, eventually, reduce costs.
The solution includes security benefits as well. It’ll alert administrators to anomalous behavior, which can include connections to rogue networks and non-compliant workloads. Ports open to the internet or allowing malicious traffic are also flagged.
If you’ve tried Traffic Analytics during the three month preview period, there are a few additions to the generally available version. The solution has expanded to include analyses of Azure Application Gateways and Load Balancers. It also now supports PowerShell (versions 6.2.1) if you’re interested in building some NSG automation into operations. Supported regions have also been expanded to include Southeast Asia.
Happily, Traffic Analytics for Azure doesn’t appear to have a price tag. It does require Log Analytics (part of Microsoft’s Operations Management Suite) and an Azure Storage Account, however. Ready to get started? Read a breakdown from Kurt Mackie (@kurmac) here or dive into the details here.