Ensure that Accelerated Networking feature is enabled for your Azure virtual machines (VMs) in order to provide low latency and high throughput for the network interfaces (NICs) attached to the VMs. Accelerated networking enables single root input/output virtualization (SR-IOV) for virtual machines, vastly improving its networking performance. This high-performance pathway bypasses the host from the datapath, reducing latency, jitter and CPU utilization, so it can be used with the most demanding network workloads that can be installed on the supported VM types.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
Without accelerated networking, all network traffic in and out of the virtual machine must traverse the host and the virtual switch. The virtual switch provides all policy enforcement, such as network security groups, Access Control Lists (ACLs), isolation, and other network virtualized services. But with accelerated networking, network traffic arrives at the virtual machine's network interface (NIC) and then it is forwarded to the VM. All network policies that the virtual switch applies are now offloaded and implemented at the hardware level and this reduces the overall latency. Applying the policy to the hardware enables the NIC to forward network traffic directly to the virtual machine (VM), bypassing the host and the virtual switch, while maintaining the policy enforcement that was applied to the host. The benefits of accelerated networking have a real impact when communicating across Azure Virtual Networks (VNets) or connecting to on-premises, as this feature provides low latency and high throughput.
Note: Accelerated networking is supported only on virtual machine instances with 4 or more vCPUs. Supported series are: D/Dsv3, E/Esv3, Fsv2, Lsv2, Ms/Mms and Ms/Mmsv2.
To determine if your Azure virtual machines (VMs) are configured with accelerated networking, perform the following actions:
Remediation / Resolution
To enable the Accelerated Networking feature for your Microsoft Azure virtual machines (VMs), perform the following actions:Note: Enabling accelerated networking for your Microsoft Azure virtual machines (VMs) using Azure Management Console is not currently supported.
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Accelerated Networking for Virtual Machines
Risk level: Medium