Ensure server is not exposed to more than 32 private hosts for Azure Network Security Rule

LOW

Description

Allowing too many source IP addresses may lead to unnoticed unauthorized access.

Remediation

Configure the Network Security Rule so that ports are not exposed to more than 32 private hosts.

In console -

  1. In the settings of the NSG, select Inbound security rules.
  2. Use the Add button to add security rules.
  3. Create security rules for any application, port range, IP range.

In Terraform -

Set the value of 'access' to [allow | deny]. Set the value of 'direction' to 'inbound'. Set the value of 'source_address_prefix' to an IP address or a range of IP addresses. These network security rules help control inbound connections to your resources in Azure.
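One way to check rules against this threshold before they are applied, as an added example that is not the scanner's own policy code. It assumes "private hosts" means RFC 1918 IPv4 addresses and that every address in the CIDR block counts as a host; the rule dictionaries are constructed samples that reuse the Terraform attribute names above.

```python
import ipaddress

MAX_PRIVATE_HOSTS = 32  # threshold named in the policy title

# Assumption: "private" means the RFC 1918 IPv4 ranges.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def private_hosts_exposed(prefix):
    """Number of private addresses covered by a source prefix, else 0."""
    try:
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        # "*" and service tags such as "VirtualNetwork" are not CIDR
        # blocks; this sketch does not evaluate them.
        return 0
    if net.version != 4:
        return 0
    if any(net.subnet_of(block) for block in RFC1918):
        return net.num_addresses
    return 0


def violates(rule):
    """True for an inbound allow rule open to more than 32 private hosts."""
    if rule.get("direction", "").lower() != "inbound":
        return False
    if rule.get("access", "").lower() != "allow":
        return False
    prefix = rule.get("source_address_prefix", "")
    return private_hosts_exposed(prefix) > MAX_PRIVATE_HOSTS


def failing_rules(rules):
    return [r["name"] for r in rules if violates(r)]


# Constructed sample rules (hypothetical names and ranges).
SAMPLE_RULES = [
    {"name": "allow-ssh-wide", "direction": "Inbound", "access": "Allow",
     "source_address_prefix": "10.0.0.0/16"},    # 65536 addresses
    {"name": "allow-ssh-jump", "direction": "Inbound", "access": "Allow",
     "source_address_prefix": "10.0.1.0/27"},    # exactly 32 addresses
    {"name": "deny-wide", "direction": "Inbound", "access": "Deny",
     "source_address_prefix": "192.168.0.0/16"},
    {"name": "outbound-wide", "direction": "Outbound", "access": "Allow",
     "source_address_prefix": "172.16.0.0/12"},
]

if __name__ == "__main__":
    print(failing_rules(SAMPLE_RULES))
```

A /27 covers exactly 32 addresses and passes; a /26 or wider private range on an inbound allow rule is reported.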

Policy Details

Rule Reference ID: AC_AZURE_0421
CSP: Azure
Remediation Available: No
Resource Category: Virtual Network
Resource Type: Security Group

Frameworks