| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1624 - Boundary Protection | ||
| Id | 37d079e3-d6aa-4263-a069-dd7ac6dd9684 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Communications Protection control | ||
| Additional metadata |
Name/Id: ACF1624 / Microsoft Managed Control 1624 Category: System and Communications Protection Title: Boundary Protection - Connect to External Networks Only Through Protection Devices Ownership: Customer, Microsoft Description: The information system: Connects to external networks or information systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture. Requirements: Azure connects to external networks or information systems only through Azure Networking’s managed networks and Edge Routers. The network interfaces provide boundary protection at the Edge Router network level and are arranged in accordance with the Microsoft and Azure security architectures. Additional measures in place to help protect Azure information systems from malicious activities include: * Software load balancers * Non-routable IP addressing * Packet filtering * Host-based firewalls * VLAN and NSG isolation * Jumpboxes, Debug Servers, Hop Boxes, and VPNs All traffic at the boundary is restricted to authorized connections as defined by the service team. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|