Check for Unrestricted Outbound Network Access

Risk Level: High (not acceptable risk)

Ensure that your Azure AI Services (AI Foundry) instances are not configured to allow unrestricted outbound network access, in order to prevent data exfiltration, data loss, and unauthorized external communications.

Security

Under Azure's shared responsibility model, customers are responsible for protecting their data and controlling endpoints. By default, unrestricted access creates significant risks, including data exfiltration, in which sensitive data is sent to external endpoints. This open access can also be exploited by malicious actors to launch attacks such as Man-In-The-Middle (MITM) and Denial-of-Service (DoS). In AI Foundry, setting the "restrictOutboundNetworkAccess" property to true is crucial for security: it prevents unauthorized access by allowing communication only with a predefined list of approved domains (FQDNs).


Audit

To determine if your Azure AI Foundry instances allow unrestricted outbound network access, perform the following operations:

Checking Azure AI Foundry instances for unrestricted outbound network access using the Azure Console (Azure Portal) is not currently supported.

Using Azure CLI

01 Run the account list command (Windows/macOS/Linux) with custom output filters to list the IDs of the cloud subscriptions available in your Azure cloud account:

az account list \
	--query '[*].id'

02 The command output should return the requested subscription identifiers (IDs):

[
	"abcdabcd-1234-abcd-1234-abcdabcdabcd",
	"abcd1234-abcd-1234-abcd-abcd1234abcd"
]

03 Run the account set command (Windows/macOS/Linux) with the ID of the Azure cloud subscription that you want to examine as the identifier parameter to set the selected subscription to be the current active subscription (the command does not produce an output):

az account set \
	--subscription abcdabcd-1234-abcd-1234-abcdabcdabcd

04 Run the cognitiveservices account list command (Windows/macOS/Linux) with custom output filters to list the name and the associated resource group for each Azure AI Services (AI Foundry) instance available within the current subscription:

az cognitiveservices account list \
	--output table \
	--query '[?(kind==`AIServices`)].{name:name, resourceGroup:resourceGroup}'

05 The command output should return the requested AI Foundry instance identifiers:

Name                               ResourceGroup
-------------------------------    ------------------------------
cc-project5-ai-service-instance    cloud-shell-storage-westeurope
cc-project5-ai-foundry-instance    cloud-shell-storage-westeurope

06 Run the cognitiveservices account show command (Windows/macOS/Linux) with the name of the Azure AI Foundry instance that you want to examine as the identifier parameter and custom output filters to determine if outbound network access is restricted for the selected instance:

az cognitiveservices account show \
	--name cc-project5-ai-service-instance \
	--resource-group cloud-shell-storage-westeurope \
	--query '{restrictOutboundNetworkAccess:properties.restrictOutboundNetworkAccess}'

07 The command output should return the value of the "restrictOutboundNetworkAccess" configuration property:

{
	"restrictOutboundNetworkAccess": false
}

If the cognitiveservices account show command output returns null or false for "restrictOutboundNetworkAccess", as shown in the example above, the selected Azure AI Foundry instance is configured to allow unrestricted outbound network access.
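The audit steps above check one instance at a time; the following added example (not part of the original page or Trend Micro's tooling) repeats the same az commands across every subscription and prints only the instances that fail the check. The function names and the sample rows are this example's own, and the sample values are constructed.

```sh
#!/bin/sh
# Added example (not Trend Micro code): flag AI Foundry instances whose
# restrictOutboundNetworkAccess is null or false, across all subscriptions.
TAB=$(printf '\t')

# Reads "subscription<TAB>resourceGroup<TAB>name<TAB>value" rows on stdin and
# prints only the unrestricted ones. Any value other than "true" (compared
# case-insensitively) is treated as unrestricted, so null/empty and false fail.
flag_unrestricted() {
  while IFS="$TAB" read -r sub rg name value; do
    [ -n "$name" ] || continue
    v=$(printf '%s' "$value" | tr '[:upper:]' '[:lower:]')
    [ "$v" = "true" ] || printf '%s\t%s\t%s\t%s\n' "$sub" "$rg" "$name" "${value:-null}"
  done
}

# Live sweep with the same az commands as the audit steps (needs `az login`).
audit_all_subscriptions() {
  for sub in $(az account list --query '[*].id' --output tsv); do
    az cognitiveservices account list --subscription "$sub" --output tsv \
      --query '[?(kind==`AIServices`)].[resourceGroup, name]' |
    while IFS="$TAB" read -r rg name; do
      # </dev/null keeps az from consuming the rows this loop is reading
      value=$(az cognitiveservices account show --subscription "$sub" \
        --name "$name" --resource-group "$rg" --output tsv \
        --query 'properties.restrictOutboundNetworkAccess' </dev/null)
      printf '%s\t%s\t%s\t%s\n' "$sub" "$rg" "$name" "$value"
    done
  done | flag_unrestricted
}

# Constructed sample rows (placeholder subscription ID, made-up values).
sample_rows() {
  printf 'sub-placeholder\trg1\tcc-project5-ai-service-instance\tfalse\n'
  printf 'sub-placeholder\trg1\tcc-project5-ai-foundry-instance\tTrue\n'
  printf 'sub-placeholder\trg1\tconstructed-instance\t\n'
}

if [ "${1:-}" = "--live" ]; then
  audit_all_subscriptions
else
  sample_rows | flag_unrestricted   # offline demo on the constructed rows
fi
```

Run it with `--live` against a logged-in Azure CLI session; without arguments it only processes the constructed rows.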

Remediation / Resolution

To ensure that no Azure AI Foundry instances allow unrestricted outbound network access, perform the following operations:

Restricting outbound network access for Azure AI Foundry instances using the Azure Console (Azure Portal) is not currently supported.

Using Azure CLI

01 Run the account list command (Windows/macOS/Linux) with custom output filters to list the IDs of the cloud subscriptions available in your Azure cloud account:

az account list \
	--query '[*].id'

02 The command output should return the requested subscription identifiers (IDs):

[
	"abcdabcd-1234-abcd-1234-abcdabcdabcd",
	"abcd1234-abcd-1234-abcd-abcd1234abcd"
]

03 Run the account set command (Windows/macOS/Linux) with the ID of the Azure cloud subscription that you want to examine as the identifier parameter to set the selected subscription to be the current active subscription (the command does not produce an output):

az account set \
	--subscription abcdabcd-1234-abcd-1234-abcdabcdabcd

04 Run the cognitiveservices account list command (Windows/macOS/Linux) with custom output filters to list the resource identifier (ID) of each Azure AI Services (AI Foundry) instance available within the current subscription:

az cognitiveservices account list \
	--query '[?(kind==`AIServices`)].id'

05 The command output should return the requested AI Foundry instance identifiers:

[
	"/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance",
	"/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-foundry-instance"
]

06 Run the az rest command (Windows/macOS/Linux) with the ID of the Azure AI Foundry instance that you want to configure as the identifier parameter, to restrict outbound network access for the selected instance by setting the "restrictOutboundNetworkAccess" property to true:

az rest \
	--method patch \
	--url "https://management.azure.com/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance?api-version=2024-10-01" \
	--body "{\"properties\": {\"restrictOutboundNetworkAccess\": true}}" \
	--query '{"restrictOutboundNetworkAccess":properties.restrictOutboundNetworkAccess}'

07 The command output should return the new value of the "restrictOutboundNetworkAccess" property:

{
	"restrictOutboundNetworkAccess": true
}

08 When "restrictOutboundNetworkAccess" is set to true, you need to provide the list of approved domains (FQDNs). The list of domains (URLs) is added to the "allowedFqdnList" property. To configure the list of approved domains (FQDNs), run the az rest command (Windows/macOS/Linux) as shown in the example below:

az rest \
	--method patch \
	--url "https://management.azure.com/subscriptions/abcdabcd-1234-abcd-1234-abcdabcdabcd/resourceGroups/cloud-shell-storage-westeurope/providers/Microsoft.CognitiveServices/accounts/cc-project5-ai-service-instance?api-version=2024-10-01" \
	--body "{\"properties\": {\"allowedFqdnList\": [ \"trendmicro.com\" ]}}" \
	--query '{"allowedFqdnList":properties.allowedFqdnList}'

09 The command output should return the list of approved domains (FQDNs) for the selected AI Foundry instance:

{
	"allowedFqdnList": [
		"trendmicro.com"
	]
}
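Steps 06 and 08 send two separate PATCH requests; the following added example (not part of the original page) sets both properties in one request body and checks each allow-list entry before anything is sent. The function names are this example's own, and the rule that an entry must be a bare host name (no scheme, path or port) is an assumption made here, not a documented Azure requirement.

```sh
#!/bin/sh
# Added example (not Trend Micro code): one PATCH body that sets
# restrictOutboundNetworkAccess and allowedFqdnList together.

# Prints the JSON body for the given FQDNs. Returns 1 when no entry is given
# or when an entry is not a bare host name (this example's own rule), so a
# pasted URL or a typo never reaches the allow list.
build_patch_body() {
  [ "$#" -gt 0 ] || { echo "no FQDNs given" >&2; return 1; }
  list=""
  for fqdn in "$@"; do
    case $fqdn in
      ''|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*)
        echo "rejected entry: $fqdn" >&2; return 1 ;;
      *.*) list="${list:+$list, }\"$fqdn\"" ;;
      *) echo "rejected entry (no dot): $fqdn" >&2; return 1 ;;
    esac
  done
  printf '{"properties": {"restrictOutboundNetworkAccess": true, "allowedFqdnList": [%s]}}\n' "$list"
}

# $1 is the instance's resource ID as returned in step 05; the remaining
# arguments are the approved FQDNs. Uses the api-version shown on the page.
restrict_outbound() {
  resource_id=$1; shift
  body=$(build_patch_body "$@") || return 1
  az rest --method patch \
    --url "https://management.azure.com${resource_id}?api-version=2024-10-01" \
    --body "$body" \
    --query '{restrictOutboundNetworkAccess:properties.restrictOutboundNetworkAccess, allowedFqdnList:properties.allowedFqdnList}'
}

# Offline demo: print the body for the page's example domain.
build_patch_body trendmicro.com
```

Call `restrict_outbound "<resource ID>" trendmicro.com` from a logged-in Azure CLI session to apply the change; the returned JSON should show true and the submitted list.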

Publication date Sep 10, 2025