Azure Virtual Network

Established Network Gateways Connections

Risk Level: MEDIUM

Description: 

This plugin assures that virtual network gateways have no established connections to fulfil your organization's security compliance needs. Azure Virtual Network Gateway is a cross-premises gateway that connects Azure Virtual Network workloads to on-premises locations.

PingSafe strongly recommends deleting network gateway connections.

About the Service :

The Azure Virtual Network (VNet) is the most basic component of your Azure private network. Many types of Azure resources, such as Azure Virtual Machines (VM), can connect securely with one other, the internet, and on-premises networks, thanks to VNet. Azure resources can securely connect with one other, the internet, and on-premises networks thanks to the Azure virtual network.

Impact : 

Virtual network gateways should not have any established connections to meet your organization's security compliance requirements.

Steps to Reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as Virtual Network and click Apply.
  4. Next, select the virtual network that you want to examine.
  5. Click on Network Manager under Settings.
  6. Check if there are network gateway connections or not.
  7. Repeat the same steps for other virtual networks as well.

Steps for remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s All Resources.
  3. In the Type filter select the value as Virtual Network and click Apply.
  4. Next, select the virtual network that you want to examine.
  5. Click on Network Manager under Settings.
  6. Check if there are network gateway connections or not.
  7. If there are network gateway connections, select the connection and click on delete.
  8. Repeat the same steps for other virtual networks as well.


References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support