want to block malicious IPs in azure

AVR 21 Reputation points
2022-11-02T12:21:05.627+00:00

Hi ,

Want to block malicious IPs in azure using any automation solutions.. Please advise best ..

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,127 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,140 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,875 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stanislav Zhelyazkov 21,181 Reputation points MVP
    2022-11-02T12:38:35.063+00:00

    Hi,
    Your question is very general so I will answer in general. There isn't a best solution. It is more of a what you are comfortable with in terms of knowledge and skills. Overall you have 3 main services you can use:

    • Azure Automation account - suitable for more operations oriented engineers. As languages you can use PowerShell and Python.
    • Azure Logic App - suitable for engineers that do not code much. This is a low code service. You have a pre-defined variety of actions you can use + some general actions in case you cannot find suitable in the specific ones.
    • Azure Functions - suitable for more development oriented engineers. Supports vast number of languages including PowerShell, Python, c#, etc.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments
  2. David Broggy 5,681 Reputation points MVP
    2022-11-02T14:05:05.363+00:00

    A few more resource specific thoughts that would involve IPs:
    VM: Access Control Lists (IP and port specific allow/block rules)
    Web application: WAF
    API: Defender for API

    0 comments
  3. KapilAnanth-MSFT 35,001 Reputation points Microsoft Employee
    2022-11-04T17:10:52.687+00:00

    Hi @AVR ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
    I understand that you are looking for best practises to block malicious IP in Azure.

    Azure comprises of different range of IaaS and PaaS services, and it will be difficult to point at a single solution that could provide network security for every product.
    Wrt Automation, the exact solution would depend on the PaaS service/IaaS service at hand
    However, I shall share the most commonly used solutions.

    Exclusively for Public IPs, we have DDoS IP Protection

    Most of the PaaS services come with their own network security configuration/settings.
    For e.g. Configure Azure Storage firewalls and virtual networks

    Along with this, you can also consider

    Notable Network Security features for other products include,

    Other documents that may come handy are as follows,

    I hope this helps.

    Thanks,
    Kapil

    ----------------------------------------------------------------------------------------------------------------

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    0 comments