---
names:
  full: Azure Network Security Group allows public access to HTTP(S) ports
  contextual: Security Group allows public access to HTTP(S) ports
description: >
  Ensure that Azure Network Security Groups do not allow unrestricted public access to 
  the HTTP/HTTPS ports 80 and 443. Where certain ports and protocols may be 
  exposed to the Internet, they should be evaluated for necessity and restricted 
  wherever they are not explicitly required.
type: COMPLIANCE_POLICY
categories:
  - SECURITY
frameworkMappings:
  - "/frameworks/cis-azure-v5.0.0/07/04"
  - "/frameworks/cloudaware/resource-security/network-exposure"
similarPolicies:
  internal:
    - dec-x-f4cc003a
  cloudConformity:
    - url: https://www.trendmicro.com/cloudoneconformity/knowledge-base/azure/Network/unrestricted-http-access.html
      name: Check for Unrestricted HTTP Access