Benchmark: 0865.09m2Organizational.13-09.m 09.06 Network Security Management

Description

The organization (i) authorizes connections from the information system to other information systems outside of the organization through the use of interconnection security agreements or other formal agreement; (ii) documents each connection, the interface characteristics, security requirements, and the nature of the information communicated; (iii) employs a deny all, permit by exception policy for allowing connections from the information system to other information systems outside of the organization; and (iv) applies a default-deny rule that drops all traffic via host-based firewalls or port filtering tools on its endpoints (workstations, servers, etc.), except those services and ports that are explicitly allowed.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 0865.09m2Organizational.13-09.m 09.06 Network Security Management.

Run this benchmark in your terminal:

powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0865_09m2organizational

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0865_09m2organizational --share

Controls

Key Vault should use a virtual network service endpoint

Benchmark: 0865.09m2Organizational.13-09.m 09.06 Network Security Management

Description

Usage

Controls

Tags