Azure Front Door

Version: Azure Front Door.

Azure Front Door is Microsoft’s modern cloud Content Delivery Network (CDN) that delivers fast, reliable, and secure global access to static and dynamic web content for users and applications.

Netsurion Open XDR manages logs retrieved from Azure Front Door through Azure Event Hub. The alerts, reports, dashboards, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities in Azure Front Door.

The following are the key assets available in this Data Source Integration.

Alerts

| Type | Name | Description |
|---|---|---|
| Security | Azure Front Door – Access control violation detected | Generated when an unauthorized/unauthenticated action is detected by Azure Front Door. |
| Security | Azure Front Door – Potential threat detected | Generated when a potential threat event is detected by Azure Front Door. |

Reports

| Type | Name | Description |
|---|---|---|
| Security | Azure Front Door – WAF events | Provides details about the events that match a Web Application Firewall (WAF) rule in Azure Front Door. |
| Compliance | Azure Front Door – Audit events | Provides details about all the requests that go through Azure Front Door. |

Dashboards

| Type | Name | Description |
|---|---|---|
| Operational | Azure Front Door – Geolocation of source IP address | Displays geolocation based on the source IP address in the Azure Front Door access log. |
| Operational | Azure Front Door – Request overview | Displays Azure Front Door requests based on HTTP requests. |

Saved Searches

| Type | Name | Description |
|---|---|---|
| Security | Azure Front Door – WAF events | Provides details about the events that match a Web Application Firewall (WAF) rule in Azure Front Door. |
| Compliance | Azure Front Door – Audit events | Provides details about all the requests that go through Azure Front Door. |

Documentation

The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Azure Front Door.

Download the Integration Guide for configuration instructions and more information.