| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1227 - Information System Component Inventory | Automated Unauthorized Component Detection | ||||||||||||||||||||||
| Id | 03b78f5e-4877-4303-b0f4-eb6583f25768 | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this Configuration Management control | ||||||||||||||||||||||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||||||||||||||||||||||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy 03b78f5e-4877-4303-b0f4-eb6583f25768 |
||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1227 / Microsoft Managed Control 1227 Category: Configuration Management Title: Information System Component Inventory | Automated Unauthorized Component Detection - Actions Taken Ownership: Customer, Microsoft Description: The organization: Takes the following actions when unauthorized components are detected: Disables network access by such components. Requirements: Azure does not wait to isolate components by disabling network access for unauthorized components. When network devices are deployed, ports are turned off by default. Unassigned ports are put into a VLAN that is not configured at Layer 3 (L3) and has no provisioned servers in it. Thus, even if ports were enabled, there is no access to any provisioned servers and traffic does not have the ability to leave the VLAN subnet. To prevent IP spoofing, Azure uses ACLs on the L3 to deny packets sourced by the subnet from entering that subnet. |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1227 - Information System Component Inventory | Automated Unauthorized Component Detection' (03b78f5e-4877-4303-b0f4-eb6583f25768)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|