Microsoft AZ-700: Exercise – Configure DDoS Protection on a Virtual Network Using the Azure Portal

Notes from MS Learn AZ-700 Module 6: Design and implement network security – Unit 4: Exercise – Configure DDoS Protection on a Virtual Network Using the Azure Portal

Tasks (taken from MS Learn: Items without “Task” in front of them are personal additions)

  • Task 1: Create a DDoS Protection plan.
    • Search and click DDoS Protection Plans in Azure Portal
    • Click Create
      • Select or Create New Resource Group (create new in this example)
      • Enter unique name and click OK
      • Enter unique name under Instance Details
      • Choose Region from dropdown
      • Click Review + Create
      • Once Validated click Create
  • Task 2: Enable DDoS Protection on a new virtual network.
    • Search and click Virtual Networks in Azure Portal
    • Click Create
      • Choose Resource Group from dropdown
      • Enter unique Name under Instance details
      • Choose Next : IP Addresses >
      • Choose Next : Security >
      • Toggle DDoS Network Protection to Enable
      • Choose DDoS Protection Plan created earlier from dropdown
      • Select Review + Create
      • Once validated select Create
  • Task 3: Configure DDoS telemetry.
    • Search and click Public IP Addresses in Azure Portal
    • Click Create
      • Enter unique name
      • Enter DNS Name Label
      • Choose Resource Group from dropdown
      • Click Create
    • Search for DDoS protection plan created earlier
    • Choose Metrics under Monitoring
      • Set Scope to MyPublicIPAddress
      • Click Apply
      • Set Metric from dropdown
        • Inbound packets dropped
  • Task 4: Configure DDoS diagnostic logs.
    • Search and select my public IP address
    • Choose Diagnostic settings under Monitoring
      • Select Add diagnostic setting
        • Check all 3 boxes under Categories
        • Check AllMetrics box under metrics
        • Check send to Log Analytics workspace box
  • Task 5: Configure DDoS alerts.
    • Search and navigate to Virtual Machines in Portal
    • Click Create > Azure Virtual Machine
      • Choose Resource Group from dropdown
      • Provide Virtual Machine Name
      • Choose Review + Create
      • Once Validated click Create
      • Click Download private key and create resource in Generate new key pair dialog
      • Click Go to resource
        • Click Networking under settings
        • Click link next to Network Interface
        • Select IP configurations under settings
        • Choose ipconfig1
          • Under Public IP address choose MyPublicIPAddress
          • Click Save
    • Navigate to DDoS protection plans in Azure Portal
      • Choose MyDDoSProtectionPlan as created earlier
        • Click Alerts under monitoring
          • Click Create > Alert Rule
          • Delete existing resource
          • Click Select Scope
          • Under Filter by resource, search for and choose Public IP Addresses from the dropdown
          • Choose MyPublicIPAddress as created earlier
          • Click Done
        • Choose Next : Condition >
          • Choose Under DDoS attack or not
            • Select Maximum under Aggregation type dropdown
            • Select Greater than or equal to under Operator dropdown
            • Enter Threshold value (1 in this example)
            • Select Next: Actions >
            • Select Next : Details >
              • Enter Alert rule name
              • Choose Review + create
              • Click Create
  • Task 6: Monitor a DDoS test attack.
    • Search Public IP Addresses in Azure Portal and on page click MyPublicIPAddress as created above
    • Copy the IP Address
    • Click Metrics under Monitoring section in left panel
      • In the Metric dropdown choose Under DDoS attack or not
      • Value changes from 0 to 1 if under attack
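
The portal steps in Tasks 1 to 5, expressed as Azure CLI commands so the configuration can be reviewed and repeated (an added example, not part of the MS Learn exercise or the original notes). The resource group, region, virtual network, diagnostic-setting and alert names are assumed, the subscription and workspace IDs are placeholders, and the VM creation and IP association from Task 5 are left out.

```shell
# Added example: values marked "assumed" or "placeholder" are not from the page.
RG="${RG:-MyResourceGroup}"          # assumed resource group name
LOC="${LOC:-eastus}"                 # assumed region
SUB="${SUB:-<subscription-id>}"      # placeholder
WORKSPACE_ID="${WORKSPACE_ID:-<log-analytics-workspace-resource-id>}"  # placeholder
PLAN="MyDDoSProtectionPlan"          # name used on the page
PIP="MyPublicIPAddress"              # name used on the page
PIP_ID="/subscriptions/$SUB/resourceGroups/$RG/providers/Microsoft.Network/publicIPAddresses/$PIP"

# Print each command for review unless DRY_RUN=0, in which case az is invoked.
az_run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then printf 'az %s\n' "$*"; else az "$@"; fi
}

create_plan() {          # Task 1: resource group and DDoS protection plan
  az_run group create --name "$RG" --location "$LOC"
  az_run network ddos-protection create --resource-group "$RG" --name "$PLAN" --location "$LOC"
}

create_vnet() {          # Task 2: new virtual network with the plan attached
  az_run network vnet create --resource-group "$RG" --name MyVirtualNetwork \
    --location "$LOC" --ddos-protection true --ddos-protection-plan "$PLAN"
}

create_public_ip() {     # Task 3: the public IP whose metrics are monitored
  az_run network public-ip create --resource-group "$RG" --name "$PIP" --sku Standard
}

enable_diagnostics() {   # Task 4: three DDoS log categories plus AllMetrics to Log Analytics
  az_run monitor diagnostic-settings create --name MyDDoSDiagnostics \
    --resource "$PIP_ID" --workspace "$WORKSPACE_ID" \
    --logs '[{"category":"DDoSProtectionNotifications","enabled":true},{"category":"DDoSMitigationFlowLogs","enabled":true},{"category":"DDoSMitigationReports","enabled":true}]' \
    --metrics '[{"category":"AllMetrics","enabled":true}]'
}

create_alert() {         # Task 5: Maximum of "Under DDoS attack or not" >= 1
  az_run monitor metrics alert create --name MyDDoSAlert --resource-group "$RG" \
    --scopes "$PIP_ID" --condition "max IfUnderDDoSAttack >= 1" \
    --description "Public IP is under DDoS mitigation"
}

deploy_all() {
  create_plan && create_vnet && create_public_ip && enable_diagnostics && create_alert
}

deploy_all
```

In dry-run mode the printed lines drop shell quoting, so they are for review rather than copy and paste; set `SUB`, `WORKSPACE_ID` and `DRY_RUN=0` to apply the configuration.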

Permanent link to this article: https://www.packetpilot.com/microsoft-az-700-exercise-configure-ddos-protection-on-a-virtual-network-using-the-azure-portal/
