Azure Application Gateway

Version: Azure LogForwarder version 1.0 and above.

Azure Application Gateway is a web traffic load balancer that enables managing traffic to web applications. The Azure Application Gateway supports features like SSL/TLS termination, Autoscaling, Zone redundancy, Static VIP, Web Application Firewall, Ingress Controller for AKS, URL-based routing, Multiple-site hosting, Redirection, Session affinity, and more.

Netsurion's Open XDR platform facilitates monitoring events retrieved from the Azure Application Gateway. The dashboard, category, alerts, and reports in Netsurion's Open XDR platform benefit in tracking application vulnerabilities, brute force attacks, scripting attacks, SQL injection attacks, and others.

After the Azure Application Gateway is configured to deliver events to the Netsurion's Open XDR platform, the dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Azure Application Gateway - Application vulnerabilities detected This alert is triggered when vulnerabilities like remote file inclusion, remote code execution, HTTP protocol violations/anomalies, and request smuggling are detected.
Security Azure Application Gateway - Brute force detected This alert is triggered when brute force is detected.
Security Azure Application Gateway - Cross-site scripting attack This alert is triggered when potentially malicious content is detected in the requests through the gateway which may be linked to XSS or PHP scripting.
Security Azure Application Gateway - SQL injection detected This alert is triggered when SQL injection is detected.

Reports

Type Name Description
Security Azure Application Gateway - Access error summary This report provides a detailed summary of access events in Azure Application Gateway. The report includes the client IP, requested URL, response latency, return code, bytes in and out, and more.
Security Azure Application Gateway - Firewall report This report provides a detailed summary of the requests that are logged through either detection or prevention mode of an application gateway that is configured with the web application firewall. The report includes the client IP, requested URL, response latency, return code, prevention/detection method, and more.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.3 or later, and Azure-LogForwarder version 1.0 and above.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept