General availability: Public IP information and inter-zone traffic among many new insights in Traffic Analytics
Published date: July 21, 2021
Traffic Analytics is an Azure-native solution that allows you to get insights about the Azure Virtual Network flows originated by or targeted to your applications. For example, identifying network activity hot spots, security threats or network usage patterns is made very easy by navigating over the several ready-made Traffic Analytics dashboards. This solution depends on Network Security Group (NSG) Flow Logs to generate these insights.
Several key traffic insights have recently been added to Traffic Analytics dashboard:
- Public IP Information: WHOIS data and geographic location is available for all the public IPs interacting with your environment, thus enabling improved traffic mapping and source identification.
- Malicious IP Information: DNS domain, threat type and threat description fetched from Microsoft’s Threat Intelligence solutions is shown upfront for all the malicious IP conversing with your deployments, thus providing threat detection and analysis capabilities.
- VMSS tagging: Traffic flows are now tagged with VMSS along with the existing tagging of VMs, allowing bandwidth monitoring and top talker analysis at the VMSS level.
- Inter availability zone traffic: Traffic flowing between availability-zones is now tracked. Empowering you to understand your inter-zone egress consumption.
You can also query the public IP and malicious IP information from log analytics workspace, refer this schema for details.