| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1623 - Boundary Protection | ||
| Id | 02ce1b22-412a-4528-8630-c42146f917ed | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Communications Protection control | ||
| Additional metadata |
Name/Id: ACF1623 / Microsoft Managed Control 1623 Category: System and Communications Protection Title: Boundary Protection - Subnetworks for Publicly Accessibly Components Ownership: Customer, Microsoft Description: The information system: Implements subnetworks for publicly accessible system components that are physically and logically separated from internal organizational networks; and Requirements: The only externally accessible components of Azure are the load balancers and the externally-facing server roles. All non-externally accessible Azure components connect to the load balancers via physically separate network interfaces on subnets that are logically separated from internal subnets. The hypervisor is isolated from interactions by virtual machines on port 80. Azure employs Remote Desktop Protocol (RDP)and SSL VPN as the internal/external managed interface for interactive access to the Azure environment. Azure requires encrypted connections for connectivity from any of the solutions used to access the environment in accordance with Microsoft security architecture requirements. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|