Vulnerability Scan Timeout

Question

I have a recommendation in the Azure Security Advisor "VA2065 - Server-level firewall rules should be tracked and maintained at a strict minimum" on a number of sql server instances. My understanding of how to remediate these is:

1. Adjust the firewall rules so they are at a "strict minimum"
2. As there are new rules that should be part of the baseline, accept the current rules as a new baseline
3. To clear the recommendation re-ruin the Vulnerability Assessment on the instance
4. The recommendation for that instance should now be cleared

What is actually happening for me is:

1. Adjust the firewall rules so they are at a "strict minimum"
2. As there are new rules that should be part of the baseline, accept the current rules as a new baseline
3. To clear the recommendation re-ruin the Vulnerability Assessment on the instance - this fails with a timeout (screenshot attached)
4. The recommendations remain, even days later

Is there logging somewhere for me to further troubleshoot this issue?

Answer 1

@Jim Pelletier
From the error message you received (HTTP 0 Error), it looks like your firewall might've blocked the ARM API call. The "Quick Fix" remediation logging is logged within the Azure Activity Logs, and more information can be found in the Audit logs, if needed.

If you'd to take a deeper look into what ports or IPs need to be unblocked in order for you to remediate your Security Center issues, I can definitely create a one time free support request for you.

Please let me know if you have any other questions.
Thank you for your time!

Additional links:
Azure Security Center Troubleshooting Guide
Azure SQL DB Firewall setup