module/ConfigurationProvider/ControlConfigurations/Services/AppGateway.json
|
{
"FeatureName": "AppGateway", "Reference": "aka.ms/azsktcp/appGateway", "IsMaintenanceMode": false, "Controls": [ { "ControlID": "Azure_ApplicationGateway_NetSec_Enable_WAF_Configuration_Trial", "Description": "[Trial] Application Gateway should have Web Application Firewall configured", "Id": "AppGateway110", "ControlSeverity": "Medium", "Automated": "Yes", "MethodName": "CheckWAFConfiguredTrial", "DisplayName": "[Trial] Application Gateway should have Web Application Firewall configured", "Rationale": "Web application firewall configuration protects App Gateway from internet based vulnerabilities and attacks without modification to back-end code.", "Recommendation": "To configured WAF, Go to Azure Portal --> App Gateway --> Change the tier to WAF or WAF V2. Also, Enabled the DDOS on the associated Virtual Network and attach every subnet with NSG/Azure Firewall being used in App Gateway.", "Tags": [ "Baseline", "Daily" ], "Enabled": true, "CustomTags": [ "Trial" ] } ] } |