| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1700 - Information System Monitoring | Unauthorized Network Services | ||
| Id | 7831b4ba-c3f4-4cb1-8c11-ef8d59438cd5 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Additional metadata |
Name/Id: ACF1700 / Microsoft Managed Control 1700 Category: System and Information Integrity Title: Information System Monitoring | Unauthorized Network Services Ownership: Customer, Microsoft Description: The information system detects network services that have not been authorized or approved by The Microsoft Azure Change and Release Management process, C+AI Security and alerts the Microsoft Azure Live Site team. Requirements: Azure detects network services that have not been authorized or approved by the Azure Change and Release Management process. If an unauthorized network service is discovered, the Azure LiveSite (WALS) team investigates the issue following the incident management process. Azure tracks network connections that are opened by the processes running on the host. Any process that begins offering an open network port is flagged and investigated if it is not part of the approved baseline for that host, ensure detection of network services that have not been authorized as an indicator of compromise. In addition, the implemented host-based SDN firewall uses a default deny all policy. Azure enforces a default deny policy which restricts communication to certain areas by firewall zones that are explicitly permitted. For any policy change, a detailed request with justification must be submitted and approved by C+AI Security through the standard security process. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|