AzPolicyAdvertizer

last sync: 2025-Sep-17 17:22:58 UTC

Network interfaces should disable IP forwarding

Azure BuiltIn Policy definition

Source Azure Portal
Display name Network interfaces should disable IP forwarding
Id 88c0b9da-ce96-4b03-9635-f29a937e2900
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Network
Microsoft Learn
Description This policy denies the network interfaces which enabled IP forwarding. The setting of IP forwarding disables Azure's check of the source and destination for a network interface. This should be reviewed by the network security team.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Fixed
deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/networkInterfaces/enableIpForwarding Microsoft.Network networkInterfaces properties.enableIPForwarding True True
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Deprecated] Enforce recommended guardrails for Network and Networking services Enforce-Guardrails-Network Network Deprecated ALZ
Enforce recommended guardrails for Network and Networking services Enforce-Guardrails-Network_20250326 Network GA ALZ
Motion Picture Association of America (MPAA) 92646f03-e39d-47a9-9e24-58d60ef49af8 Regulatory Compliance GA BuiltIn unknown
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC