Azure VM Accelerated Networking Not Enabled
ID: azure-vm-accelerated-networking-disabled
Severity: medium
Author: princechaddha
Tags: cloud,devops,azure,microsoft,virtual-machines,azure-cloud-config
Description
Section titled “Description”Ensure that Accelerated Networking feature is enabled for your Azure virtual machines (VMs) in order to provide low latency and high throughput for the network interfaces (NICs) attached to the VMs. Accelerated networking enables single root input/output virtualization (SR-IOV) for virtual machines, vastly improving its networking performance. This high-performance pathway bypasses the host from the datapath, reducing latency, jitter and CPU utilization, so it can be used with the most demanding network workloads that can be installed on the supported VM types.
YAML Source
Section titled “YAML Source”id: azure-vm-accelerated-networking-disabledinfo: name: Azure VM Accelerated Networking Not Enabled author: princechaddha severity: medium description: | Ensure that Accelerated Networking feature is enabled for your Azure virtual machines (VMs) in order to provide low latency and high throughput for the network interfaces (NICs) attached to the VMs. Accelerated networking enables single root input/output virtualization (SR-IOV) for virtual machines, vastly improving its networking performance. This high-performance pathway bypasses the host from the datapath, reducing latency, jitter and CPU utilization, so it can be used with the most demanding network workloads that can be installed on the supported VM types. impact: | Disabling Accelerated Networking may result in higher latency and lower throughput on network interfaces attached to VMs, leading to potential performance bottlenecks. remediation: | Enable Accelerated Networking on all compatible Azure VMs to ensure optimal network performance. This can be done through the Azure portal or using Azure CLI commands. reference: - https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-accelerated-networking-cli tags: cloud,devops,azure,microsoft,virtual-machines,azure-cloud-config
flow: | code(1); for(let InstanceDetails of iterate(template.vmIDs)) { set("vmId", InstanceDetails); code(2); for(let NicId of iterate(template.nicIDs)) { set("nicId", NicId); code(3); } }
self-contained: truecode: - engine: - sh - bash source: | az vm list --query '[*].id'
extractors: - type: json name: vmIDs internal: true json: - '.[]'
- engine: - sh - bash source: | az vm show --ids "$vmId" --query 'networkProfile.networkInterfaces[*].id'
extractors: - type: json name: nicIDs internal: true json: - '.[]'
- engine: - sh - bash source: | az network nic show --ids "$nicId" --query 'enableAcceleratedNetworking'
matchers: - type: word words: - 'false'
extractors: - type: dsl dsl: - 'vmId + " with NIC " + nicId + " has Accelerated Networking disabled"'# digest: 490a0046304402202bf4ce3bafa78a9a8292ea0f78305330e2b76fe93683025fad1658189fc1324402203c14577f9d5de19fa913c7322f44e9ecdb16238c4e21100b079be01b9eda4a19:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "cloud/azure/virtualmachines/azure-vm-accelerated-networking-disabled.yaml"