跳到主要内容

Evaluate Network Traffic Flows

Implementation Effort: Medium

User Impact: Low

Overview

Evaluate your network traffic flows to uncover hidden risks, validate segmentation boundaries, and drive targeted Zero Trust improvements. Use Azure Virtual Network Manager to centrally enable and manage Virtual Network Flow Logs and NSG Flow Logs (including security admin rules) across your network groups, ensuring consistent policy enforcement and broad visibility. Then, ingest those logs into Traffic Analytics to visualize patterns through built-in workbooks—spotting unusual spikes, high-volume “top talkers,” and unexpected cross-subnet communication. For protocol-level insights, run packet captures on critical subnets or VMs using Network Watcher’s packet-capture feature to verify application ports, TLS usage, and encryption parameters. Continuously review these findings to refine your NSG rules, firewall policies, and segmentation design—ensuring that your network flows align with least-privilege principles and maintain a strong security posture.

Reference