Network Exposure
Network exposure is the level of accessibility of the asset from the public domain. CloudGuard considers the network exposure of your assets and defines each of them as:
-
Public - Accessible from the Internet.
-
Partially public - Accessible from specific addresses on the Internet.
-
Private - Confirmed as having no exposure.
-
Unknown - CloudGuard cannot determine the asset exposure based on the available data.
Supported Asset Types
CloudGuard analyzes these asset types to calculate Network Exposure:
Asset Type |
Supported Statuses |
Assets Used for Calculation |
---|---|---|
|
|
|
|
|
|
Lambda |
|
|
|
|
|
|
|
|
Asset Type |
Supported Statuses |
Assets Used for Calculation |
---|---|---|
Virtual Machine |
|
|
Storage account* |
|
For partially public access:
|
WebApp |
|
|
FunctionApp |
|
|
SQL Server |
|
|
|
|
|
Redis Cache |
|
|
* When you configure Azure Collection of integrated cloud services that developers and IT professionals use to build, deploy, and manage applications through a global network of data centers managed by Microsoft®. storage accounts networking, you select one of these options for public network access:
-
Enable from all networks - The storage account can be accessed from any network or IP address on the public Internet.
-
Enable from selected virtual networks and IP addresses - The storage can be accessed from the selected IP addresses and VNet.
-
Disable and use private access (Private endpoint connections) - The storage cannot be accessed from a public endpoint.
Asset Type |
Supported Statuses |
Assets Used for Calculation |
---|---|---|
VMInstance |
|
|