SupportedĬonfiguration Guidance: This feature is not supported to secure this service. NS-2: Secure cloud services with network controls Features Azure Private Linkĭescription: Service native IP filtering capability for filtering network traffic (not to be confused with NSG or Azure Firewall). NSGs contain a list of Access Control List (ACL) rules that allow or deny network traffic to your subnet. Protect your subnet from potential threats by restricting access to it with a Network Security Group (NSG). Subnets should be associated with a Network Security Group Reference: Working with NSG access and Azure Bastion Microsoft Defender for Cloud monitoringĪzure Policy built-in definitions - Microsoft.Network: Name (Azure portal) Create NSG rules to restrict your service's open ports (such as preventing management ports from being accessed from untrusted networks). SupportedĬonfiguration Guidance: Use network security groups (NSG) to restrict or monitor traffic by port, protocol, source IP address, or destination IP address. Reference: Tutorial: Deploy Bastion Network Security Group Supportĭescription: Service network traffic respects Network Security Groups rule assignment on its subnets. SupportedĬonfiguration Guidance: Deploy the Azure Bastion into a virtual network with the subnet at least /26 or larger. NS-1: Establish network segmentation boundaries Features Virtual Network Integrationĭescription: Service supports deployment into customer's private Virtual Network (VNet). Service can be deployed into customer's virtual networkįor more information, see the Microsoft cloud security benchmark: Network security. The security profile summarizes high-impact behaviors of Azure Bastion, which may result in increased security considerations. To see how Azure Bastion completely maps to the Microsoft cloud security benchmark, see the full Azure Bastion security baseline mapping file. Features not applicable to Azure Bastion have been excluded.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |