Azure Database Firewall (classic) Test

This test reports the current state of each firewall rule applied on the Azure SQL database of the target Azure cloud. Using this test, administrators can figure out if their database is safe or prone to vulnerabilities.

This test is disabled by default. To enable the test, go to the enable / disable tests page using the menu sequence : Agents -> Tests -> Enable/Disable, pick Microsoft Azure as the Component type, Performance as the Test type, choose this test from the disabled tests list, and click on the < button to move the test to the ENABLED TESTS list. Finally, click the Update button.

Target of the Test: Microsoft Azure

Agent deploying the test: A remote agent

Output of the test: One set of results for each firewall rule set on the Azure SQL database of the target Microsoft Azure being monitored

First-level descriptor: Azure SQL Database

Second-level descriptor: Firewall rule

  1. TEST PERIOD - How often should the test be executed
  2. Host– The host for which the test is being configured
  3. SUBSCRIPTION ID- Specify the GUID which uniquely identifies your subscription to the target Microsoft Azure that is to be monitored.
  4. CERTIFICATE PATH - In order to collect metrics from the target Microsoft Azure, the eG agent communicates via Microsoft Azure Service Management API Requests. By default, a management certificate is required to authenticate Microsoft Azure Service Management API Requests. The Management certificate should be associated with the subscription ID. The management certificate can be created on your own or you can request Microsoft Azure portal to create a certificate on behalf of you. Prior to creating a management certificate, you have to create a keystore. The steps for creating a management certificate and the keystore is discussed elaborately in Section 1.1. The created keystore will reside in the <JAVA_INSTALL_DIR>\jre7\bin folder. Specify the exact path to the keystore file in this text box. If you have requested Microsoft Azure portal to create the management certificate, then, specify the exact path on which you have stored the keystore file. For example, if the keystore file created is WindowsAzureKeyStore.jks and if you have stored it in D:\Azure folder, then specify the CERTIFICATE PATH as D:\Azure\WindowsAzureKeyStore.jks.
  5. CERTIFICATE PASSWORD - Specify the password that is provided while creating the keystore in this text box.
  6. confirm password - Confirm the password by retyping it here.

Measures reported by the test:

Measurement Description Measurement Unit Interpretation

Status

Indicates the current state of this firewall rule applied on this Azure SQL Database.

 

The values reported by this measure and its numeric equivalents are mentioned in the table below:

Measure Value Numeric Value
Normal 1
Limited 2
Unknown 0

Note:

By default, this measure reports the Measure Values listed in the table above to indicate the current state of the firewall rule applied on he Azure SQL Database. The graph of this measure however, represents the status of a server using the numeric equivalents only - 0 to 2.