23 Oct
Astra North Infoteck
Toronto
Experience (Years) : 10 & Above
Essential Skills :
- Resources will use NSG flow logs as well as Azure Migrate logs to gather network flows that workloads are using for Azure East / West communications.
- Flows not matching the default policy (already security approved) will be flagged and itemized for application / asset owner review and validation.
- Once validated, the app / asset owner must request security approval for new NSG rules to be created / implemented.
- Each subnet in all of the legacy subscriptions must follow this process until no hits are observed on theany / any rule at which point the team can lock down the subnets for KRI-79 compliance with a deny-any rule to be in place
- Further network analysis is required for North / South traffic that is ingress / egress from the Azure Internet Edge
- All traffic needs to be traversing a GCZ.
- We want to identify all traffic in use in GCZ1.0 with an effort to migrate these workloads to GCZ3.0
Desirable Skills :
This would effectively block any east / west Azure traffic in legacy that has not been explicitly approved by security.
15 hours ago
▶️ Network Engineer - Azure Cloud, NSG Security Rules
🖊️ Astra North Infoteck
📍 Toronto