Network misconfigurations

Ensure Azure network security group doesn’t allow unrestricted VNC traffic from the Internet

Platform(s)
Compliance Frameworks

Description

A network security group contains security rules that allow or deny inbound network traffic to VNC, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol. You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network
  • Recommended Mitigation

    Configure security group rules to allow incoming vnc traffic from allowed IP addresses only.