Azure-VirtualNetworks-Multiple-Subnets

Severity : High

Description: This control ensures that virtual network is segmented in multiple smaller subnet instead of one big subnet. A single network within a Virtual Network increases the risk of a broader blast radius in the event of a compromise. Azure best architecture practice suggest to create multiple networks/subnets in each Virtual Network and change the architecture to take advantage of public and private tiers. The resources in the subnets can be secured using security groups with access control between the subnets.

Remediation Steps:

Perform following to create multiple subnets in virtual network :

1. Login to Azure Portal using https://portal.azure.com.

2. Navigate to Virtual Network.

3. Select the virtual network which need to create subnet.

4. From Settings, select Subnets.

5. Under Subnets, Select Add Subnet.

6. In Add Subnet, Enter Name, non overlapping Address range, Security Group, route table, Service endpoint, Subnet delegation.

7. Select OK, to save

Important:

Reference:

• https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-subnet