跳到主要内容

Enable IDPS to inspect all east-west traffic on Azure Firewall

Implementation Effort: Medium

User Impact: Medium

Overview

Enable IDPS in your Azure Firewall Premium policy to inspect all east–west (internal) traffic flows, ensuring lateral movement attempts are detected and blocked.

Within the IDPS section of your Firewall Policy, select Alert or Deny mode to apply the managed signature set—covering exploits, malware, and command-and-control—against traffic between your VNets and peered networks. Be sure to configure your private IP address ranges so the firewall accurately categorizes internal versus perimeter traffic. This extends your signature-based protection to both internal (east–west) and perimeter (north–south) communications, hardening your environment against sophisticated lateral threats.

Reference