Control: Azure > CIS v5.0 > 8 - Security Services > 8.05 - Ensure Azure DDoS Network Protection is enabled on virtual networks

Configures auditing against a CIS Benchmark item.

Level: 2

Azure DDoS Network Protection defends resources in virtual networks against distributed denial-of-service (DDoS) attacks.

While an automated assessment procedure exists for this recommendation, the assessment status remains manual. Determining the appropriateness of enabling Azure DDoS Network Protection depends on the context and requirements of each organization and environment.

Resource Types

This control targets the following resource types:

Azure > Network > Virtual Network

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv5-0#/control/types/r0805

Category URI

tmod:@turbot/cis#/control/categories/v071207

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv5-0#/control/types/r0805") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv5-0#/control/types/r0805'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r0805"