AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Windows machines should meet requirements for 'Security Options - Microsoft Network Server'

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Windows machines should meet requirements for 'Security Options - Microsoft Network Server'

caf2d518-f029-4f6b-833b-d7081702f253

Version

3.0.0
Details on versioning

Category

Guest Configuration
Microsoft Learn

Description

Windows machines should have the specified Group Policy settings in the category 'Security Options - Microsoft Network Server' for disabling SMB v1 server. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

IF (7)

Alias	Namespace	ResourceType	Path	PathIsDefault	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	True True True	False False False
Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration	Microsoft.Compute	virtualMachines	properties.osProfile.windowsConfiguration	True	True
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	True	True
Microsoft.ConnectedVMwarevSphere/virtualMachines/osProfile.osType	Microsoft.ConnectedVMwarevSphere	virtualmachines	properties.osProfile.osType	True	False
Microsoft.HybridCompute/imageOffer	Microsoft.HybridCompute	machines	properties.osName	True	False

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/complianceStatus	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.complianceStatus	True		False

Rule resource types

IF (3)
Microsoft.Compute/virtualMachines
Microsoft.ConnectedVMwarevSphere/virtualMachines
Microsoft.HybridCompute/machines

Compliance

The following 2 compliance controls are associated with this Policy definition 'Windows machines should meet requirements for 'Security Options - Microsoft Network Server'' (caf2d518-f029-4f6b-833b-d7081702f253)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
Azure_Security_Benchmark_v1.0	1.11	Azure_Security_Benchmark_v1.0_1.11	Azure Security Benchmark 1.11	Network Security	Use automated tools to monitor network resource configurations and detect changes	Customer	Use Azure Policy to validate (and/or remediate) configuration for network resources. How to configure and manage Azure Policy: https://docs.microsoft.com/azure/governance/policy/tutorials/create-and-manage Azure Policy samples for networking: https://docs.microsoft.com/azure/governance/policy/samples/#network	n/a	link	7
hipaa	0709.10m1Organizational.1-10.m	hipaa-0709.10m1Organizational.1-10.m	0709.10m1Organizational.1-10.m	07 Vulnerability Management	0709.10m1Organizational.1-10.m 10.06 Technical Vulnerability Management	Shared	n/a	Technical vulnerabilities are identified, evaluated for risk, and corrected in a timely manner.		13

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Deprecated]: Azure Security Benchmark v1	42a694ed-f65e-42b2-aa9e-8052e9740a92	Regulatory Compliance	Deprecated	BuiltIn
[Preview]: Windows machines should meet requirements for the Azure compute security baseline	be7a78aa-3e10-4153-a5fd-8c6506dbc821	Guest Configuration	Preview	BuiltIn
HITRUST/HIPAA	a169a624-5599-4385-a696-c8d643089fab	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-01-28 17:51:01	change	Major (2.0.0 > 3.0.0)
2020-09-15 14:06:41	change	Previous DisplayName: [Preview]: Windows machines should meet requirements for 'Security Options - Microsoft Network Server'
2020-08-20 14:05:01	add	caf2d518-f029-4f6b-833b-d7081702f253

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC