last sync: 2024-Jun-14 18:20:16 UTC

Network Watcher flow logs should have traffic analytics enabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Network Watcher flow logs should have traffic analytics enabled
Id 2f080164-9f4d-497e-9db6-416dc9f7b48a
Version 1.0.1
Details on versioning
Category Network
Microsoft Learn
Description Traffic analytics analyzes flow logs to provide insights into traffic flow in your Azure cloud. It can be used to visualize network activity across your Azure subscriptions and identify hot spots, identify security threats, understand traffic flow patterns, pinpoint network misconfigurations and more.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.enabled Microsoft.Network networkWatchers/flowLogs properties.flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.enabled false
Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.trafficAnalyticsInterval Microsoft.Network networkWatchers/flowLogs properties.flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.trafficAnalyticsInterval false
Rule resource types IF (1)
Microsoft.Network/networkWatchers/flowLogs
Compliance
The following 4 compliance controls are associated with this Policy definition 'Network Watcher flow logs should have traffic analytics enabled' (2f080164-9f4d-497e-9db6-416dc9f7b48a)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
RBI_CSF_Banks_v2016 16.1 RBI_CSF_Banks_v2016_16.1 Maintenance, Monitoring, And Analysis Of Audit Logs Maintenance, Monitoring, And Analysis Of Audit Logs-16.1 n/a Consult all the stakeholders before finalising the scope, frequency and storage of log collection. 5
RBI_CSF_Banks_v2016 4.2 RBI_CSF_Banks_v2016_4.2 Network Management And Security Network Inventory-4.2 n/a Maintain an up-to-date/centralised inventory of authorised devices connected to bank???s network (within/outside bank???s premises) and authorised devices enabling the bank???s network. The bank may consider implementing solutions to automate network discovery and management. 6
RBI_ITF_NBFC_v2017 3.1.g RBI_ITF_NBFC_v2017_3.1.g RBI IT Framework 3.1.g Information and Cyber Security Trails-3.1 n/a The IS Policy must provide for a IS framework with the following basic tenets: Trails- NBFCs shall ensure that audit trails exist for IT assets satisfying its business requirements including regulatory and legal requirements, facilitating audit, serving as forensic evidence when required and assisting in dispute resolution. If an employee, for instance, attempts to access an unauthorized section, this improper activity should be recorded in the audit trail. link 39
SWIFT_CSCF_v2022 6.4 SWIFT_CSCF_v2022_6.4 SWIFT CSCF v2022 6.4 6. Detect Anomalous Activity to Systems or Transaction Records Record security events and detect anomalous actions and operations within the local SWIFT environment. Shared n/a Capabilities to detect anomalous activity are implemented, and a process or tool is in place to keep and review logs. link 52
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Reserve Bank of India - IT Framework for Banks d0d5578d-cc08-2b22-31e3-f525374f235a Regulatory Compliance Preview BuiltIn
[Preview]: Reserve Bank of India - IT Framework for NBFC 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c Regulatory Compliance Preview BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-04-06 17:42:16 change Patch (1.0.0 > 1.0.1)
2021-05-18 14:34:48 add 2f080164-9f4d-497e-9db6-416dc9f7b48a
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC