Network misconfigurations

Azure Network Security Group allows unrestricted RDP traffic from the Internet

Platform(s)
Compliance Frameworks

Description

Remote Desktop Protocol (RDP) allows a user to connect to another computer ,with Windows operating systems, over a network connection. There is a rule configured in {AzureNetworkSecurityGroup} network security group, that allows all incoming RDP traffic from the Internet. In order to keep security best practices and decrease the risk for malicious activities, you should restrict access to be only from allowed IP addresses.
  • Recommended Mitigation

    Configure networking rule to allow incoming RDP traffic from allowed IP addresses only.