diff --git a/azure-resources/Network/applicationGateways/recommendations.yaml b/azure-resources/Network/applicationGateways/recommendations.yaml index bdd95de1d..472d8c84f 100644 --- a/azure-resources/Network/applicationGateways/recommendations.yaml +++ b/azure-resources/Network/applicationGateways/recommendations.yaml @@ -92,7 +92,7 @@ recommendationResourceType: Microsoft.Network/applicationGateways recommendationMetadataState: Active longDescription: | - Enable logging in storage accounts, Log Analytics, and monitoring services for auditing and insights. If using NSGs, enable NSG flow logs to be stored, providing in-depth traffic analysis into Azure Cloud. + Enable logging in storage accounts, Log Analytics, and monitoring services for auditing and insights. potentialBenefits: Enhanced traffic insight and audit pgVerified: true publishedToLearn: false diff --git a/azure-resources/Network/networkSecurityGroups/kql/da1a3c06-d1d5-a940-9a99-fcc05966fe7c.kql b/azure-resources/Network/networkSecurityGroups/kql/da1a3c06-d1d5-a940-9a99-fcc05966fe7c.kql index ed427e3f2..18ee3d9af 100644 --- a/azure-resources/Network/networkSecurityGroups/kql/da1a3c06-d1d5-a940-9a99-fcc05966fe7c.kql +++ b/azure-resources/Network/networkSecurityGroups/kql/da1a3c06-d1d5-a940-9a99-fcc05966fe7c.kql @@ -11,4 +11,3 @@ resources on $left.lowerCaseNsgId == $right.lowerCaseTargetNsgId | where isempty(lowerCaseTargetNsgId) | project recommendationId = "da1a3c06-d1d5-a940-9a99-fcc05966fe7c", name, id, tags, param1 = "NSGFlowLog: Not configured/Disabled" - diff --git a/azure-resources/Network/networkSecurityGroups/recommendations.yaml b/azure-resources/Network/networkSecurityGroups/recommendations.yaml index 2dea1d09d..e886160cd 100644 --- a/azure-resources/Network/networkSecurityGroups/recommendations.yaml +++ b/azure-resources/Network/networkSecurityGroups/recommendations.yaml @@ -58,7 +58,7 @@ recommendationControl: Monitoring and Alerting recommendationImpact: Medium recommendationResourceType: Microsoft.Network/networkSecurityGroups - recommendationMetadataState: Active + recommendationMetadataState: Disabled longDescription: | Monitoring, managing, and understanding your network is crucial for protection and optimization. Knowing the current state, who and from where connections are made, open internet ports, expected and irregular behavior, and traffic spikes is essential. potentialBenefits: Enhances security and optimizes network diff --git a/azure-specialized-workloads/avd/_index.md b/azure-specialized-workloads/avd/_index.md index dc01c6c0b..1b68d91a4 100644 --- a/azure-specialized-workloads/avd/_index.md +++ b/azure-specialized-workloads/avd/_index.md @@ -23,7 +23,6 @@ geekdocHidden: false | [Connect on-prem networks to Azure critical workloads via multiple ExpressRoutes](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/expressRouteCircuits/#connect-on-prem-networks-to-azure-critical-workloads-via-multiple-expressroutes) | Network | expressRouteCircuits | | [Ensure ExpressRoute's physical links connect to distinct network edge devices](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/expressRouteCircuits/#ensure-expressroutes-physical-links-connect-to-distinct-network-edge-devices) | Network | expressRouteCircuits | | [Use Zone-redundant ExpressRoute gateway SKUs](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/virtualNetworkGateways/#use-zone-redundant-expressroute-gateway-skus) | Network | virtualNetworkGateways | -| [Configure NSG Flow Logs](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/networkSecurityGroups/#configure-nsg-flow-logs) | Network | networkSecurityGroups | | [Ensure that storage accounts are zone or region redundant](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Storage/storageAccounts/#ensure-that-storage-accounts-are-zone-or-region-redundant) | Storage | storageAccounts | | [Enable Azure Private Link Service for Key vault](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/KeyVault/vaults/#enable-azure-private-link-service-for-key-vault) | Keyvault | vaults | | [Configure Service Health Alerts](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Insights/activityLogAlerts/#configure-service-health-alerts) | Insights | activityLogAlerts | diff --git a/tools/data/recommendations.json b/tools/data/recommendations.json index 2ae02f152..8b1fab357 100644 --- a/tools/data/recommendations.json +++ b/tools/data/recommendations.json @@ -1387,7 +1387,7 @@ "publishedToAdvisor": null, "aprlGuid": "da1a3c06-d1d5-a940-9a99-fcc05966fe7c", "recommendationTypeId": null, - "recommendationMetadataState": "Active", + "recommendationMetadataState": "Disabled", "learnMoreLink": [ { "url": "https://learn.microsoft.com/azure/network-watcher/network-watcher-nsg-flow-logging-overview", @@ -2099,7 +2099,7 @@ } ], "recommendationControl": "Monitoring and Alerting", - "longDescription": "Enable logging in storage accounts, Log Analytics, and monitoring services for auditing and insights. If using NSGs, enable NSG flow logs to be stored, providing in-depth traffic analysis into Azure Cloud.\n", + "longDescription": "Enable logging in storage accounts, Log Analytics, and monitoring services for auditing and insights.\n", "pgVerified": true, "description": "Monitor and Log the configurations and traffic", "potentialBenefits": "Enhanced traffic insight and audit",