Disable TCP and ICMP Timestamps on Azure Application Gateway

Hasan Shehzeb 20 Reputation points
2024-06-11T10:21:57.3466667+00:00

Hello,

I have an Application Gateway with WAFv2 that sits in front of my App Services. An audit revealed that TCP and ICMP timestamps are being disclosed. Can someone please assist me with disabling this feature? Thank you.


Accepted answer
  1. GitaraniSharma-MSFT 49,401 Reputation points Microsoft Employee
    2024-06-11T11:29:19.8033333+00:00

    Hello @Hasan Shehzeb ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you have an Application Gateway with WAFv2 in front of your App Services and an audit revealed that TCP and ICMP timestamps are being disclosed. You would like to know if this can be disabled.

    This feature is currently not feasible.

    There is a feedback item submitted for the same in the below forum:

    https://feedback.azure.com/d365community/idea/55acd97c-8826-ec11-b6e6-000d3a4f0789

    If you believe this feature could enhance our services, I encourage you to upvote it and provide your input on the feedback portal mentioned above.

    NOTE: All the feedback shared in these forums is monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

    I also checked with the Azure App Service team and below is their statement for this:

    This is a low severity warning from most security scans, and it can be safely ignored. This feature cannot and will not be disabled or changed.

    Regarding this setting in Azure which uses Windows Server, the report indicates, “TCP timestamps cannot be reliably disabled on this OS.”

    The real risk is if you don’t update your machines and the uptime indicates the server hasn’t been restarted in a long time. Azure PaaS services undergo frequent patching, and the risk is really mitigated because that host-level security falls within the responsibility of Azure.

    Refer: https://learn.microsoft.com/en-us/azure/security/fundamentals/paas-deployments

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/description-tcp-features#timestamps

    https://learn.microsoft.com/en-us/answers/questions/204356/disable-tcp-timestamp

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
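
To check what the audit flagged in your own packet capture, here is an added example (not part of the original thread or any Microsoft tooling) that parses the TCP Timestamps option (kind 8, RFC 7323) from a raw TCP header and shows the uptime arithmetic a scanner applies to two TSval samples. The header bytes and timestamp values are constructed, and the uptime figure assumes the counter started near zero at boot and ticks at a constant rate, which RFC 7323 does not require and which stacks that add a random per-connection offset do not satisfy.

```python
import struct

def tcp_timestamp(tcp_header: bytes):
    """Return (TSval, TSecr) from a raw TCP header, or None if kind 8 is absent."""
    data_offset = (tcp_header[12] >> 4) * 4          # header length in bytes
    if data_offset < 20 or data_offset > len(tcp_header):
        raise ValueError("bad TCP data offset")
    opts, i = tcp_header[20:data_offset], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                 # End of Option List
            break
        if kind == 1:                                 # NOP padding, no length byte
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("truncated option")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("malformed option length")
        if kind == 8 and length == 10:                # Timestamps (RFC 7323)
            return struct.unpack("!II", opts[i + 2:i + 10])
        i += length
    return None

def estimate_uptime(sample_a, sample_b):
    """Each sample is (capture_time_s, TSval). Returns (tick_hz, uptime_s) or None."""
    (t1, v1), (t2, v2) = sample_a, sample_b
    ticks = (v2 - v1) % 2**32                         # TSval is 32-bit and wraps
    if t2 <= t1 or ticks == 0:
        return None
    hz = ticks / (t2 - t1)
    return hz, v2 / hz                                # assumes counter was ~0 at boot

def build_header(tsval, tsecr):
    """Constructed SYN-ACK header: MSS, NOP, NOP, Timestamps, NOP, Window Scale."""
    fixed = struct.pack("!HHIIBBHHH", 443, 50000, 1, 2, 0xA0, 0x12, 65535, 0, 0)
    opts = (struct.pack("!BBH", 2, 4, 1460) + b"\x01\x01"
            + struct.pack("!BBII", 8, 10, tsval, tsecr)
            + b"\x01" + struct.pack("!BBB", 3, 3, 8))
    return fixed + opts

if __name__ == "__main__":
    # Constructed values: two responses captured 10 s apart.
    first = tcp_timestamp(build_header(86_400_000, 7))
    second = tcp_timestamp(build_header(86_410_000, 8))
    hz, uptime = estimate_uptime((0.0, first[0]), (10.0, second[0]))
    print(f"TSval present: tick rate ~{hz:.0f} Hz, implied uptime ~{uptime / 3600:.1f} h")
```

A result of `None` from `tcp_timestamp` means the header carries no Timestamps option, so there is nothing for the scanner to report on that connection.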
