| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1637 - Boundary Protection | Fail Secure | ||
| Id | 4075bedc-c62a-4635-bede-a01be89807f3 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Communications Protection control | ||
| Additional metadata |
Name/Id: ACF1637 / Microsoft Managed Control 1637 Category: System and Communications Protection Title: Boundary Protection | Fail Secure Ownership: Microsoft Description: The information system fails securely in the event of an operational failure of a boundary protection device. Requirements: Azure deploys geographically separate and redundant boundary protection network devices and Jumpboxesand SSL VPN servers. When an asset fails, it fails securely, and access is restricted to the environment. If Azure network devices, including but not limited to edge routers, access routers, load balancers, aggregation switches, and TORS fail, the affected circuit becomes disconnected, thereby failing securely. A failure of an Azure network device cannot lead to, or cause, information external to the system entering the device, nor can a failure permit unauthorized information release. The built-in redundancy allows Azure assets to fail without influencing availability. Many Azure network devices are configured to reboot in the event of failure, rather than remaining offline. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|