JimPelletier-1003 asked JamesHamil-MSFT commented

Vulnerability Scan Timeout

I have a recommendation in the Azure Security Advisor "VA2065 - Server-level firewall rules should be tracked and maintained at a strict minimum" on a number of SQL Server instances. My understanding of how to remediate these is:

  1. Adjust the firewall rules so they are at a "strict minimum"

  2. As there are new rules that should be part of the baseline, accept the current rules as a new baseline

  3. To clear the recommendation, re-run the Vulnerability Assessment on the instance

  4. The recommendation for that instance should now be cleared


What is actually happening for me is:

  1. Adjust the firewall rules so they are at a "strict minimum"

  2. As there are new rules that should be part of the baseline, accept the current rules as a new baseline

  3. To clear the recommendation, re-run the Vulnerability Assessment on the instance - this fails with a timeout (screenshot attached)

  4. The recommendations remain, even days later

Is there logging somewhere for me to further troubleshoot this issue?



Attachments: 16585-timeou-screenshot.png, 16662-timeout-log.png


azure-sql-database, azure-security-center

@JimPelletier-1003
I just wanted to check in and see if you had a chance to review the answer I posted?

Please let me know if you have any other questions.
Thank you for your time and patience.


Hi, are there any updates with this case? If not, please select the appropriate response as "Answered." Otherwise please let us know how we can assist you.


1 Answer

JamesTran-MSFT answered

@JimPelletier-1003
From the error message you received (HTTP 0 Error), it looks like your firewall might've blocked the ARM API call. The "Quick Fix" remediation logging is logged within the Azure Activity Logs, and more information can be found in the Audit logs, if needed.

If you'd like to take a deeper look into what ports or IPs need to be unblocked in order for you to remediate your Security Center issues, I can definitely create a one-time free support request for you.

Please let me know if you have any other questions.
Thank you for your time!


Additional links:
Azure Security Center Troubleshooting Guide
Azure SQL DB Firewall setup
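
An added example, not part of the original answer: one way to check an exported Activity Log for the scan attempt described in the question. It assumes the log was exported as JSON (the shape `az monitor activity-log list -o json` produces) and that a call blocked before it reaches ARM leaves no Activity Log entry; the sample events, resource names, timestamps and the function names `sql_events` and `triage_scan` are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample shaped like `az monitor activity-log list -o json` output.
# Subscription, resource group, server, caller and timestamps are placeholders;
# the operation names are illustrative and only matched by substring below.
RID = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
       "rg-example/providers/Microsoft.Sql/servers/sql-example")
SAMPLE = [
    {"eventTimestamp": "2020-01-01T13:40:02+00:00", "caller": "admin@example.com",
     "operationName": {"value": "Microsoft.Sql/servers/firewallRules/write"},
     "status": {"value": "Succeeded"}, "resourceId": RID + "/firewallRules/office"},
    {"eventTimestamp": "2020-01-01T13:45:10+00:00", "caller": "admin@example.com",
     "operationName": {"value": "Microsoft.Sql/servers/databases/"
                                "vulnerabilityAssessments/rules/baselines/write"},
     "status": {"value": "Succeeded"}, "resourceId": RID + "/databases/db1"},
]


def sql_events(events, server):
    """Activity Log events for one logical SQL server, oldest first."""
    needle = f"/providers/microsoft.sql/servers/{server}/".lower()
    hits = [e for e in events if needle in e.get("resourceId", "").lower() + "/"]
    return sorted(hits, key=lambda e: datetime.fromisoformat(e["eventTimestamp"]))


def triage_scan(events, server, attempted_at, window=timedelta(minutes=15)):
    """Classify a scan attempt by what ARM recorded around the time it was made."""
    t0 = datetime.fromisoformat(attempted_at)
    near = [e for e in sql_events(events, server)
            if "vulnerabilityassessments" in e["operationName"]["value"].lower()
            and abs(datetime.fromisoformat(e["eventTimestamp"]) - t0) <= window]
    if not near:
        return "no-arm-record"  # nothing logged: check the client-side network path
    if any(e["status"]["value"] == "Failed" for e in near):
        return "failed-in-arm"  # ARM received the call: read that event's details
    return "recorded-ok"


if __name__ == "__main__":
    for e in sql_events(SAMPLE, "sql-example"):
        print(e["eventTimestamp"], e["status"]["value"], e["operationName"]["value"])
    print(triage_scan(SAMPLE, "sql-example", "2020-01-01T14:30:00+00:00"))
```

For a real export, pass `json.load(open(path))` as `events` and the time the scan was started as `attempted_at` (with a UTC offset).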
