AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Web Application Firewall (WAF) should enable all firewall rules for Application Gateway

Name Web Application Firewall (WAF) should enable all firewall rules for Application Gateway
Azure Portal
Id 632d3993-e2c0-44ea-a7db-2eca131f356d
Version 1.0.1
details on versioning
Category Network
Microsoft docs
Description Enabling all Web Application Firewall (WAF) rules strengthens your application security and protects your web applications against common vulnerabilities. To learn more about Web Application Firewall (WAF) with Application Gateway, visit https://aka.ms/waf-ag
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Network/applicationGateways
Compliance The following 3 compliance controls are associated with this Policy definition 'Web Application Firewall (WAF) should enable all firewall rules for Application Gateway' (632d3993-e2c0-44ea-a7db-2eca131f356d)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ACAT_Security_Policies ACAT_Security_Policies ACAT Security Policies Guidelines for M365 Certification Protecting systems and resources Shared n/a Ensures that apps have strong security and compliance practices in place to protect customer data, security, and privacy. link 24
RBI_CSF_Banks_v2016 4.3 RBI_CSF_Banks_v2016_4.3 Network Management And Security Network Device Configuration Management-4.3 n/a Ensure that all the network devices are configured appropriately and periodically assess whether the configurations are appropriate to the desired level of network security. 17
RBI_CSF_Banks_v2016 6.7 RBI_CSF_Banks_v2016_6.7 Application Security Life Cycle (Aslc) Application Security Life Cycle (Aslc)-6.7 n/a Ensure that software/application development practices addresses the vulnerabilities based on best practices baselines such as Open Web Application Security Project (OWASP) proactively and adopt principle of defence-in-depth to provide layered security mechanism. 6
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-23 16:35:49 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2022-07-08 16:32:07 add 632d3993-e2c0-44ea-a7db-2eca131f356d
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Reserve Bank of India - IT Framework for Banks d0d5578d-cc08-2b22-31e3-f525374f235a Regulatory Compliance Preview BuiltIn
ACAT for Microsoft 365 Certification 80307b86-ab81-45ab-bf4f-4e0b93cf3dd5 Regulatory Compliance GA BuiltIn
JSON