last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1639 - Boundary Protection | Isolation Of Information System Components | Regulatory Compliance - System and Communications Protection

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1639 - Boundary Protection | Isolation Of Information System Components
Id 78e8e649-50f6-4fe3-99ac-fedc2e63b03f
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this System and Communications Protection control
Additional metadata Name/Id: ACF1639 / Microsoft Managed Control 1639
Category: System and Communications Protection
Title: Boundary Protection | Isolation Of Information System Components
Ownership: Customer, Microsoft
Description: The organization employs boundary protection mechanisms to separate Service team systems supporting Service team functions.
Requirements: Azure service teams are segregated from each other using Azure-managed boundary protection devices for bare metal hardware or logical isolation mechanisms for virtual machines, including VLAN and Network Security Group (NSG) and Virtual Network (VNet) segmentation, ACL restrictions, and encrypted communications. Azure also implements logical separation for its separate cloud environments in addition to all boundary protection mechanisms described above.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC