Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company deploys several virtual machines on-premises and to Azure. ExpressRoute is deployed and configured for on-premises to Azure connectivity.
Several virtual machines exhibit network connectivity issues.
You need to analyze the network traffic to identify whether packets are being allowed or denied to the virtual machines.
Solution: Use Azure Network Watcher to run IP flow verify to analyze the network traffic.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.A
Azure Network Watcher IP Flow Verify allows you to detect traffic filtering issues at a VM level.
IP flow verify checks if a packet is allowed or denied to or from a virtual machine. The information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen,
IP flow verify helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-ip-flow-verify-overviewYes, the solution meets the goal.
Azure Network Watcher is a service that provides tools to monitor and diagnose the network traffic in Azure. IP flow verify is one of the tools available in Network Watcher that enables you to check the network traffic between two endpoints, such as virtual machines or subnets, and verify if the traffic is allowed or denied based on the security rules configured in the network security group (NSG) or application security group (ASG).
By running IP flow verify on the virtual machines that exhibit network connectivity issues, you can identify whether the traffic is reaching the virtual machines and whether it is being allowed or denied based on the NSG or ASG rules. IP flow verify can also help you identify the source of the network connectivity issues and determine whether the issue is caused by a misconfiguration in the NSG or ASG rules or by other factors, such as firewall or routing issues.
Therefore, by using Azure Network Watcher to run IP flow verify to analyze the network traffic, you can identify the network connectivity issues in the virtual machines and troubleshoot them effectively.