After three months of preview, Microsoft's Traffic Analytics for Azure is generally available. It does everything you'd expect, providing useful informative tools for users and applications, as well as actionable insights.
Over its preview period, traffic analytics has analyzed “terabytes of flow logs on a regular basis”. The solution has helped customers audit networks, detect security issues, optimize workloads, and ultimately reduce costs.
New Traffic Analytics Features
With general availability, Microsoft is adding a number of additional enhancements. According to senior program manager Yajvendra Gupta, these will help to secure and optimize networks more intuitively:
- “Your environment: Provides a view into your entire Azure network, identifies inactive regions, virtual networks, and subnets – for example, network locations with VMs and no network activity for further analysis. Detects malicious flows as they flow across application gateways, subnets, and networks. Indicate open ports conversing over the Internet and hosts sending traffic to the Internet to qualify possible threats.
- Summary view: Provides a summary of allowed, blocked, benign, and malicious flows across inbound and outbound traffic. Unusual increase in traffic types merit forensic investigations, such as higher number of allowed malicious flows and higher number of benign blocked flows.
- Application activity: Identify workload activity including applications generating or consuming the most flows and the top VM conversation pairs at granularities ranging from VNets to hosts. Secure your network using insights from malicious and blocked traffic by the application/port, or update your network security groups (NSG) to allow normal traffic.
- Capacity planning: VPNs constitute an important medium for hybrid and inter-VNet connectivity. View utilization across your gateways, and detect under-utilized or maxed-out gateways.
- Application Gateway and Load Balancer support: Traffic Analytics now extends its analytics capabilities to include traffic flowing through Azure Application Gateways and Load Balancers. Get insights on traffic pattern, resources impacted by malicious traffic, and traffic distribution to backend pool instances and hosts.
- Secure your cloud network with NSG insights: Gain detailed statistics ranging from the top five NSGs and NSG rules to detailed flow information.”
Another big feature is the ability to automate deployment via PowerShell 6.21 and higher. Microsoft says customers with several NSGs across regions can get up and running in minutes. Speaking of regions, support is now live for workspaces in South East Asia, addressing a vital blind spot.
You can find more information on the Microsoft blog.