Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    How can we improve Azure Networking?

    You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

    There are two ways to get more votes:

    • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
    • You can remove your votes from an open idea you support.
    • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
    (thinking…)

    Enter your idea and we'll search to see if someone has already suggested it.

    If a similar idea already exists, you can support and comment on it.

    If it doesn't exist, you can post your idea so others can support it.

    Enter your idea and we'll search to see if someone has already suggested it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Please add port-mirroring to Azure to enable DLP and logging applications

      We would like a virtual span port or port-mirroring ability

      361 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  13 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    2. WAF on Application Gateway needs a function to exclude some condition like a trusted node.

      Now, Web Application Firewall feature would be available as part of Azure Application Gateway.

      Currently, WAF on Application Gateway seems to not have a function to exclude from blocking access by any condition.
      So, I would like to request to add this function for WAF on Application Gateway.

      Acutually, Many WAF product could exclude particular access from blocking like a trusted node.

      145 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      6 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    3. WAF on Application Gateway have a function to allow some exceptional access for prevention mode

      It would be great if WAF on Application Gateway have a function to allow some exceptional access for prevention mode.

      Now, Web Application Firewall feature would be available as part of Azure Application Gateway.

      Currently, WAF on Application Gateway seems to not have a function to exclude from blocking access by any condition.
      So, I would like to request to add this function for WAF on Application Gateway.

      75 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    4. NSG Flow logs

      Currently NSG Flow Logs are do not have the ability to publish to Azure Event Hub as other logs do.

      It would be invaluable for this facility to be made available to allow onward transformation of log data (via Azure Functions) prior to ingest into products such as Splunk.

      29 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →

      Thank you for your feedback. Today publishing NSG Flow Logs to an Event Hub is not currently supported natively. We will continue to evaluate this suggestion and update the status accordingly.

      Today, if you are interested in transforming and streaming NSG Flow Logs to a 3rd party endpoint, we have published a sample here that leverages an Azure function: https://github.com/Microsoft/AzureNetworkWatcherNSGFlowLogsConnector

      Splunk has also published a blog with guidance on integrating NSG Flow Logging data here: https://www.splunk.com/blog/2017/02/20/splunking-microsoft-azure-network-watcher-data.html

    5. Azure Firewall

      Please add the ability to protect against inbound traffic from the public internet in addition to its present ability to protect outbound traffic. If this is going to be offered as a true SaaS 'Firewall' solution, I believe this should have that true firewall protection for incoming traffic (protection against common attacks, layer 7 packet inspection, etc.)

      29 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  6 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    6. Integrate Windows IPAM with Azure DHCP

      Integrate Windows IPAM with Azure DHCP services.
      Some info can be gathered for domain members using DDNS, but not for appliances and other services not using DDNS...

      29 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    7. Azure DNS private zone for non-empty vnets

      allow creating of private zone for non-empty vnet.

      28 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    8. Network Security Group Rules Export button to CSV in portal

      I would like to have a button in the Portal on the NSG blade to Export all inbound and outbound rules to CSV.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    9. Azure DNS should support some of the less-common record types

      Azure DNS supports the most common DNS record types. However, I'd like to use other ones, like OPENPGPKEY, HIP, RP, SSHFP, URI, and (once DNSSEC support is added) TLSA. Adding those records would be fairly simple and require little change to your backend.

      Right now, I need to start up and Azure VM, install Linux, then set up BIND. I'd much prefer to leverage Azure DNS for my DNS needs.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    10. network health monitor for each VM when there's hundreds of VMs

      Occasionally, Azure platform outage causes VMs to lost connectivity (to other VMs) briefly, nowadays, customer can only realize the issue as their VM applications reports certain errors and engage Azure Support to investigate and get the result.

      Is there anyway that we add a panel in Portal to show customer the network health log (inbound and outbound connectivity) for each VM, so that customer can monitor and report to their management team of the cause in time and be able to take proactive actions earlier?

      Network watcher connection monitor is not applicable for such scenario as is used for monitor…

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    11. Azure DevOps Whitelisting

      Please create service tag for Azure DevOps Hosted Build Agents. I have been told that to allow hosted agent access through NSG - to my ASE's, I need to whitelist ALL external Azure IPs.. This is unaccesptable from a Security standpoint. Please address immediately

      https://developercommunity.visualstudio.com/idea/467755/static-ip-address-for-azure-devops.html?childToView=571222#comment-571222

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    12. DNS and DHCP server without the dependency of on premises server and router

      Cloud technology has great competition. In future, the leader of cloud technology will have one edge against their competitors which will be providing DHCP/DNS Server on the cloud without an on-premises server and all workstations can log in from anywhere and WDS will be more easy for IT support team in an organization.

      2 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    13. Why Can't Azure Manage my Wireless Network?

      As more and more applications and services make the migration from the desktop to the web, two issues are become important as ever. That is the content that we connect to and how we connect to this content.
      Microsoft has been an earlier adapter in identifying software as a service and migrating users from Microsoft Office to Office 365.
      However how users connect and how securely users connect is probably even more important.
      So my suggestion would be a additional service in Azure that would ensure that a users Internet connection is secure with Microsoft servers before a network administrator…

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    14. Allow network flow logs from different regions to be dumped in storage account in different Region

      For now we can only dump network flow logs from nsg in the same region as our storage account. If we have to export flow logs from all regions we have to create 27 diff storage accounts. On top of that if i want to export my flow logs to external application i have to create 27 diff trigger functions, which is very cumbersome to manage

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    15. SonicWall NSv (Firewall/Security/VPN/Router)-BYOL plans for SMB companies

      Currently SonicWall NSv (Firewall/Security/VPN/Router)-BYOL plans starts from NSv200, (unlimited nodes). For SMB offices and private companies optimal start plan - NSv25 (up to 25 nodes). Optimal for budget and used resources.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: oidc
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base