CALL US: USA +1 561-898-1100 | EUROPE +44-20-7048-2021

5nine AzSec

Azure Security, Simplified Streamline management of Azure firewall rules and logs.

  • Complete Azure firewall projects up to 5X faster than using the Azure portal
  • Integration with OMS streamlines alert configuration
  • Configure Azure firewall rules in a single step
  • Easily download, save and analyze Azure VM network traffic logs
  • Support of multi-tenant profiles
  • VM Security Groups Support
  • Scheduled saving for Azure logs

pdfDatasheet

5nine AzSec is an intuitive application that creates, maintains and manages inbound/outbound traffic rules for virtual machines in Azure. Firewall log data is collected, displayed and managed in a central console. 5nine AzSec is offered as a standalone application or comes bundled as an integrated solution with 5nine Cloud Security.

The bundled offering enables hybrid cloud administrators to manage firewall rules and logs across Azure and Hyper-V from a single access point. These events can also be forwarded to SIEM and UEBA systems, which includes SPLUNK and Microsoft Operations Management Suite (OMS).

Key Features

  • Conveniently view, save, export and analyze firewall log data
  • Create new Azure firewall rules in a single step
  • Create Azure firewall rules from pre-built templates
  • Configure OMS alerts from a centralized console
  • Meet compliance mandates with Azure firewall log retention and analysis
  • Gain increased visibility of Azure spending and usage

Features

View, save, export and analyze firewall log data

5nine AzSec provides you with the management capabilities you need to archive, analyze and audit Azure firewall logs. View firewall logs within the product or export them to a variety of file formats: vfw, xls, csv, html and others. Each record provides rich detail – time, rule name, action, protocol, source, target, destination, address and destination port – so you can analyze the data according to your particular use case. You also have the ability to control how many records are visible in each view. With 5nine AzSec, you have the flexibility you need to manage logs according to your particular use case.

Configure OMS alerts from a centralized console

The Microsoft Operations Management Suite (OMS) integration provides you the flexibility to configure OMS email alerts from the 5nine AzSec interface. These alerts will proactively notify you of suspicious activity based on the parameters you define. For example, you can create alerts for common events like http traffic, firewall policy changes and 404 errors. You have the flexibility to customize the email alert’s subject line and distribution list to ensure all necessary parties are aware of the issue.

Create Azure firewall rules from pre-built templates

Rule templates enable you to consistently apply firewall rules to security groups in your Azure environment. Select from a list of preconfigured rules and automatically populate the form fields based on the option you choose. Parameters like protocol, destination port and priority are immediately populated while still allowing you the ability to make changes based on your environment’s specifications.

Configure Azure firewall rules in a single step

5nine AzSec enables you create firewall rules in a single step, which dramatically saves time and resources. Simply populate the field values – adapter, priority, rule name, description, action, direction, source port range, source/destination port range, protocol and remote IP – and you’re done. You can even set the values from built-in common templates, so you can consistently apply the rule.

Gain increased visibility of Azure spending and usage

5nine AzSec provides the ability to review your Azure subscription status, usage and billing summary from within its seamless interface. You can specify a date range to pinpoint the exact criteria or event you are looking for.

Meet compliance mandates with automated Azure firewall log retention

Many compliance requirements mandate that Azure firewall logs be retained separately from the server in which they were generated. The process is complex and multistep if done manually through the Azure portal. Fortunately, the integration between 5nine AzSec and 5nine Cloud Security enables you to automatically export and retain Azure firewall logs to your SIEM or UEBA system of choice. Azure firewall log data is first pulled into 5nine AzSec, which then passes the data to 5nine Cloud Security, which then ported to either syslog, Splunk or your SIEM / UEBA system of choice.

  • Simplify Azure firewall log retention
  • Meet regulatory compliance
  • Export Azure firewall logs to syslog (subsequently to OMS), Splunk and other SIEM systems

System Requirements / Supported Operating Systems

 

Windows ServerWindows 7 64-bit or higher
Windows Server 2008 R2 SPI or higher

Prerequisites:

.NET Framework 4.5 or higher
Note: Log Forwarding to Microsoft Operations Management Suite (OMS) from 5nine Cloud Security

  • Requires setting Syslog server name or IP Address in Cloud Security
  • Target Syslog server requires OMS agent configured to forward syslog messages to the OMS Log Analytics platform
  • See the following link for more information: Syslog Collection in Operations Management Suite

Want More to Learn More?

 

CONTACT SALES