Network misconfigurations

Ensure Azure network security group doesn’t allow unrestricted VNC traffic from the Internet

Compliance Frameworks


A network security group contains security rules that allow or deny inbound network traffic to VNC, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol. You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network