Azure-VirtualNetworks-Managed-NAT-Gateway-In-Use

Severity : High

Description: This control ensures that that managed NAT gateway is associated with virtual network where access to internet is required from the virtual network. NAT gateway provides outbound internet connectivity for one or more subnets of a virtual network. NAT gateway is more efficient and less operationally complex than other outbound connectivity techniques in Azure. Azure best architecture practice recommend using NAT gateway as the default for enabling outbound connectivity for virtual networks.

Remediation Steps:

Perform following to Remove all non-required guest users :

1. Login to Azure Portal using https://portal.azure.com.

2. Navigate to resources.

3. Select Create a resource.

4. In the type of resources, Select Networking, and then NAT gateway.

5. Select Create.

6. n Create network address translation, enter Name, Region, Availability Zone, Idle timeout, Subscription, Resource Group under Basic tab.

7. Select Outbound IP and in Public IP addresses, Select Create a new public IP address, In Name, enter name for IP, select OK.

8. Select Subnet tab and in Virtual network, select virtual network and then select the subnet in the virtual network.

9. Select the Review + create tab.

10. Select Create.

Important:

Reference:

• https://docs.microsoft.com/en-us/azure/virtual-network/nat-gateway/tutorial-create-nat-gateway-portal