You are here: Cloud Platforms > Microsoft Azure > Example Deployment

Example Deployment

This section demonstrates an example of PVSPassive Vulnerability Scanner running on a virtual machine functioning as a NAT gateway instance within a Microsoft Azure Virtual Network.

In the examples used in the instructions for setting up a NAT gateway, the Virtual Network pvsVNet was created, which has the network range 10.240.0.0/16. Additionally, the virtual machine instance pvsNatGateway was created in the pvsPublic subnet to function as the NAT gateway. In this example, three other virtual machine instances were created within the pvsPrivate subnet. None of the virtual machine instances in pvsPrivate are assigned an external IP address and all outgoing traffic is routed through pvsNatGateway .

In this example, there are four virtual machine instances within pvsVNet:

VM Instance Name Internal IP Has External IP?
pvsNatGateway 10.240.0.4 Yes
exampleInstance 10.240.1.4 No
exampleInstance2 10.240.1.5 No
exampleInstance3 10.240.1.6 No

PVS is running on pvsNatGateway and has the following configuration:

Configuration Parameter Value
Monitored Network Interfaces eth0
Monitored Network IP Addresses and Ranges 10.240.0.0/16

With this configuration, PVS will monitor traffic

  • from the internal virtual machine instances to the Internet,
  • between pvsNatGateway and the internal virtual machine instances,
  • from the Internet to internal virtual machine instances if you have enabled port forwarding on the NAT gateway to make them Internet accessible,
  • and between pvsNatGateway and the Internet.

    Note: Azure policy prevents interfaces from operating in promiscuous mode. As a result, PVS can't monitor traffic between other virtual instances.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.