Skip to main content

lacework-global-816

info

Ensure that Network Watcher is 'Enabled' (excludes Reserved access regions) (Automated)

Description

Enable Network Watcher for physical regions in Azure subscriptions which are not subject to restricted access.

Remediation

Opting out of Network Watcher automatic enablement is a permanent change. Once you opt-out, you cannot opt-in without contacting support.

To manually enable Network Watcher in each region where you want to use Network Watcher capabilities, follow the steps below.

From Azure Portal:

  1. Go to Network Watcher.
  2. Click Create.
  3. Select a Region from the drop-down menu.
  4. Click Add.

From Azure CLI:

az network watcher configure --locations <region> --enabled true --resource-group <resource_group>

References

https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-overview
https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-create?tabs=portal
https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-logging-threat-detection#lt-4-enable-network-logging-for-security-investigation
https://azure.microsoft.com/en-gb/explore/global-infrastructure/products-by-region/?products=network-watcher®ions=all&rar=true
https://azure.microsoft.com/en-ca/pricing/details/network-watcher/