Microsoft Launches Service To Track Azure Traffic
- By Kurt Mackie
- June 22, 2018
Organizations can now use a newly released Microsoft service called "Traffic Analytics" to monitor network activity within their Azure environments.
Generally available starting this week, Traffic Analytics shows how traffic is flowing between the Internet and Azure, as well as traffic within Azure, including traffic across Azure public cloud regions. Traffic flows in subnets and VNets also get tracked.
Organizations might use Traffic Analytics to gain insights into "critical business services and applications," according to Microsoft. The service works without having to deploy software agents or add hardware appliances.
The service also provides some security checks. It shows when traffic is flowing between virtual machines and "rogue networks," and it also detects when applications try to access the Internet. It shows network ports that are "open to the Internet" and displays "anomalous network traffic," such as when servers attempt to connect outside the network.
Microsoft also touts the use of Traffic Analytics for better capacity planning, such as finding network underutilization and latency issues, and analyzing network flows and application access issues.
Microsoft added some capabilities with the general availability release. It now provides specific insights into Azure Application Gateways and Load Balancers. Microsoft also added PowerShell support (version 6.2.1 and higher) for automating operations.
Traffic Analytics requires the use of Log Analytics, which is part of the Microsoft Operations Management Suite, a collection of public cloud management services. Organizations also need to have an Azure Storage account to store the log data that gets collected. Other than listing those two requirements, Microsoft's announcement doesn't describe the costs of using the service.
The service works by taking raw data from Network Security Group logs. The data then get reduced and enhanced with security and geographic information, showing up in Log Analytics (see diagram).
Traffic Analytics is available in multiple supported Azure regions, particularly in the United States, Western and Northern Europe, parts of Australia, and Southeast Asia. However, organizations also need to be using the Log Analytics service with it in specific Azure regions, namely "West Central US, East US, West Europe, UK South, Australia Southeast, or the Southeast Asia region," according to Microsoft's FAQ.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.