Skip to content

Commit 4489b14

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #301404 from shijaiswal/docs-editor/traffic-analytics-zero-trust-1750120653
Update traffic-analytics-zero-trust.md
2 parents 55ee807 + 990043c commit 4489b14

File tree

1 file changed

+11
-2
lines changed

1 file changed

+11
-2
lines changed

articles/network-watcher/traffic-analytics-zero-trust.md

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,4 @@
11
---
2-
32
title: Apply Zero Trust Principles to Segment Azure Network through Traffic Analytics
43
description: Learn how to use Azure Traffic Analytics to apply Zero Trust principles, segment networks, and detect security risks in your Azure environment.
54
author: shijaiswal # GitHub alias
@@ -66,7 +65,17 @@ Traffic patterns are visualized using built-in dashboards, with flexibility to c
6665

6766
- **Detect compromised IPs/resources:** Use traffic analytics to identify potentially compromised IP addresses or resources, helping to strengthen security and maintain performance.
6867

69-
The following sections highlight key scenarios where traffic analytics supports micro-segmentation to help implement Zero Trust principles in Azure.
68+
#### How to deploy Zero Trust Segmentation (ZTS) with Traffic Analytics?
69+
70+
As a first critical step to deploy Zero Trust Segmentation over existing or new Azure deployment user needs to
71+
72+
- **Observe the patterns through Traffic Analytics**: Analyze Flow Logs to identify the traffic patterns that are essential for your workload.
73+
74+
- **Start with default deny posture**: It starts with removing or disabling all existing inbound and outbound rules that allows traffic broadly (eg., Allow All, Allow) and adding explicit deny rules for both inbound and outbound traffic
75+
76+
- **Create selective allow rules**: Based on insights from Traffic Analytics, define rules that explicitly allow only the observed and necessary traffic. This approach ensures that only validated, required traffic is permitted, aligning with Zero Trust principle of Verifying explicitly.
77+
78+
The following sections highlight key scenarios where traffic analytics supports segmentation to help implement Zero Trust principles in Azure.
7079

7180
## Scenario 1: Detect traffic flowing through risky or restricted regions
7281

0 commit comments

Comments
 (0)