
Control 1.20: Network Isolation and Private Connectivity

Control ID: 1.20
Pillar: Security
Regulatory Reference: FINRA 3110, SEC 17a-4, GLBA 501(b), OCC 2011-12
Last UI Verified: January 2026
Governance Levels: Baseline / Recommended / Regulated
Last Verified: 2026-02-03


Objective

Implement network-level access controls for Copilot Studio environments including IP firewall restrictions, Virtual Network (VNet) support, and Private Endpoints to ensure agent-to-data-source communication remains within trusted network boundaries.


Why This Matters for FSI

  • FINRA 3110: Network isolation restricts agents from reaching unapproved systems, enabling supervision
  • SEC 17a-4: Private networks prevent unauthorized external access to agent data and logs
  • GLBA 501(b): Network boundaries provide defense-in-depth for customer information protection
  • OCC 2011-12: Network isolation controls and validates the data feeds that reach agents

Control Description

This control establishes network isolation through:

  1. IP Firewall - Restrict environment access to approved IP address ranges (corporate networks, VPN)
  2. VNet Support - Enable Virtual Network integration for Managed Environments
  3. Private Endpoints for Key Vault - Agent credentials accessed without public internet exposure
  4. Private Link for Application Insights - Telemetry routed over private network
  5. Private Endpoints for Data Sources - SQL, Azure SQL, and other connectors via private path
  6. IP Cookie Binding - Prevent session token theft by binding sessions to IP addresses

Key Configuration Points

  • Configure IP Firewall in PPAC with corporate CIDR blocks (e.g., 10.0.0.0/8, 172.16.0.0/12)
  • Enable VNet support with dedicated subnet delegated to Microsoft.PowerPlatform/enterprisePolicies
  • Create Private Endpoints for Key Vault in same VNet as Power Platform
  • Configure Azure Monitor Private Link Scope (AMPLS) for Application Insights
  • Create Private DNS zones and link to VNet for endpoint resolution
  • Test in audit-only mode before enforcement
  • Document network architecture and data flows
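
The audit-only step above is where an allowlist gets checked against real traffic before anyone is locked out. The following script is an added example, not part of the original control page or any Microsoft tooling: it parses the corporate CIDR blocks named on the page (plus a hypothetical VPN egress range), runs a constructed sample of access-log records through the same "is the source inside any allowed range" decision the IP Firewall makes, and reports which requests would be blocked once enforcement is switched on. It also flags two allowlist mistakes a reviewer should catch first: a catch-all range that disables the control, and a range already covered by a wider one. The log format and all addresses are constructed; in practice the records come from the environment's audit-mode firewall events.

```python
import ipaddress
from collections import Counter

# Constructed allowlist: the corporate CIDR blocks named on the page plus a
# hypothetical VPN egress range (203.0.113.0/24 is RFC 5737 documentation space).
ALLOWLIST = ["10.0.0.0/8", "172.16.0.0/12", "203.0.113.0/24"]

# Constructed access-log sample: (timestamp, principal, source_ip).
SAMPLE_LOG = [
    ("2026-01-12T08:01:11Z", "analyst@corp.example", "10.42.7.19"),
    ("2026-01-12T08:03:52Z", "analyst@corp.example", "172.20.1.5"),
    ("2026-01-12T08:07:30Z", "svc-agent@corp.example", "203.0.113.40"),
    ("2026-01-12T08:09:02Z", "contractor@vendor.example", "198.51.100.23"),
    ("2026-01-12T08:15:45Z", "analyst@corp.example", "192.168.1.77"),
    ("2026-01-12T08:20:00Z", "contractor@vendor.example", "198.51.100.23"),
]


def build_allowlist(cidrs):
    """Parse CIDR strings into network objects. strict=True rejects entries such
    as 10.1.2.3/8 whose host bits are set, which usually indicate a typo."""
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def is_allowed(source_ip, networks):
    """True if the source address falls inside any allowlisted range.
    Membership across IP versions is simply False, so mixed lists are safe."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in networks)


def allowlist_findings(networks):
    """Hygiene checks on the allowlist itself: a catch-all range defeats the
    control, and a range nested inside another one is redundant."""
    findings = []
    for net in networks:
        if net.prefixlen == 0:
            findings.append(f"catch-all range {net} allows every address")
    for net in networks:
        for other in networks:
            if (net != other and net.version == other.version
                    and net.subnet_of(other)):
                findings.append(f"{net} is redundant: already covered by {other}")
    return findings


def audit_dry_run(log, networks):
    """Simulate enforcement against observed traffic. Returns the records that
    would be blocked and a count per (principal, source_ip) so a reviewer can
    decide whether a range is missing or the access is genuinely unapproved."""
    would_block = [rec for rec in log if not is_allowed(rec[2], networks)]
    by_source = Counter((principal, ip) for _, principal, ip in would_block)
    return {
        "total": len(log),
        "allowed": len(log) - len(would_block),
        "would_block": would_block,
        "by_source": by_source,
    }


if __name__ == "__main__":
    nets = build_allowlist(ALLOWLIST)
    for finding in allowlist_findings(nets):
        print("finding:", finding)
    result = audit_dry_run(SAMPLE_LOG, nets)
    print(f"{result['allowed']}/{result['total']} requests allowed")
    for (principal, ip), n in result["by_source"].items():
        print(f"would block {principal} from {ip} ({n} requests)")
```

Run the dry run over at least one full business cycle of audit-mode events before enforcing; a blocked internal principal (the 192.168.1.77 record in the sample) usually means a site or VPN range is missing from the allowlist, while a blocked external principal is the control working as intended.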

Zone-Specific Requirements

| Zone | Requirement | Rationale |
| --- | --- | --- |
| Zone 1 (Personal) | IP Firewall optional; VNet not required | Low data sensitivity, minimal overhead |
| Zone 2 (Team) | IP Firewall required; VNet recommended; Private Endpoints for sensitive data | Team data requires network controls |
| Zone 3 (Enterprise) | Full VNet isolation mandatory; all private endpoints; no public internet for backend; network flow logging | Customer-facing requires maximum isolation |

Roles & Responsibilities

| Role | Responsibility |
| --- | --- |
| Power Platform Admin | Configure IP Firewall, enable VNet support |
| Azure Network Contributor | Provision VNet, subnets, Private Endpoints |
| Entra Security Admin | Validate network configuration, review flows |
| Compliance Officer | Approve network architecture for regulatory alignment |

| Control | Relationship |
| --- | --- |
| 2.1 - Managed Environments | VNet support requires Managed Environment |
| 1.15 - Encryption | Network isolation + encryption provides defense in depth |
| 1.7 - Audit Logging | Network flow logs supplement audit logging |
| 1.11 - Conditional Access | IP-based CA policies align with IP Firewall |

Implementation Playbooks

Step-by-Step Implementation

This control has detailed playbooks for implementation, automation, testing, and troubleshooting:


Verification Criteria

Confirm control effectiveness by verifying:

  1. Access from non-allowlisted IP is blocked by IP Firewall
  2. Agent can reach private endpoint resources via VNet path
  3. Private DNS resolves endpoint FQDNs to private IPs
  4. Key Vault access uses private endpoint (no public route)
  5. Application Insights telemetry flows via Private Link
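
Criteria 3 and 4 above come down to one observable fact: from inside the VNet, each backend FQDN must CNAME through its privatelink zone and end at an address in the private-endpoint subnet, never at a public address. The script below is an added example, not part of the original page or any Microsoft tooling. It follows a CNAME chain against a constructed in-memory resolver, checks that the chain passes through the expected zone, and checks that every final address is private and inside the expected subnet. The zone names are the standard Azure privatelink zones for Key Vault and Azure SQL; the resource names, subnet and addresses are hypothetical, and the dev vault entry is deliberately left resolving to a public address to show what an unlinked private DNS zone looks like.

```python
import ipaddress

# Constructed subnet that hosts the private endpoints (not the subnet delegated to
# Microsoft.PowerPlatform/enterprisePolicies, which carries the agent-side traffic).
PRIVATE_ENDPOINT_SUBNET = ipaddress.ip_network("10.50.8.0/24")

# Endpoint FQDN -> private DNS zone its CNAME chain must pass through. The zone
# names are the standard Azure privatelink zones; the resource names are hypothetical.
EXPECTED = {
    "kv-agents-prod.vault.azure.net": "privatelink.vaultcore.azure.net",
    "sql-agents-prod.database.windows.net": "privatelink.database.windows.net",
    "kv-agents-dev.vault.azure.net": "privatelink.vaultcore.azure.net",
}

# Constructed stand-in for a DNS resolver: name -> (record type, value). The dev
# vault deliberately resolves to a public address, the failure mode seen when the
# private DNS zone is not linked to the VNet.
FAKE_DNS = {
    "kv-agents-prod.vault.azure.net": ("CNAME", "kv-agents-prod.privatelink.vaultcore.azure.net"),
    "kv-agents-prod.privatelink.vaultcore.azure.net": ("A", ["10.50.8.4"]),
    "sql-agents-prod.database.windows.net": ("CNAME", "sql-agents-prod.privatelink.database.windows.net"),
    "sql-agents-prod.privatelink.database.windows.net": ("A", ["10.50.8.5"]),
    "kv-agents-dev.vault.azure.net": ("CNAME", "kv-agents-dev.privatelink.vaultcore.azure.net"),
    "kv-agents-dev.privatelink.vaultcore.azure.net": ("A", ["40.112.0.10"]),  # constructed public address
}


def resolve_chain(fqdn, lookup, max_hops=8):
    """Follow CNAMEs until an A record (or an unknown name) is reached.
    Returns the names visited and the final addresses (empty if unresolved)."""
    chain, name = [fqdn], fqdn
    for _ in range(max_hops):
        record = lookup.get(name)
        if record is None:
            return chain, []
        rtype, value = record
        if rtype == "CNAME":
            chain.append(value)
            name = value
        else:
            return chain, [ipaddress.ip_address(a) for a in value]
    raise ValueError(f"CNAME chain for {fqdn} exceeds {max_hops} hops")


def verify_endpoint(fqdn, zone, lookup, subnet):
    """Apply the private-path checks to one endpoint and list every problem found."""
    chain, addrs = resolve_chain(fqdn, lookup)
    problems = []
    if not any(name.endswith("." + zone) for name in chain[1:]):
        problems.append(f"no CNAME through {zone}")
    if not addrs:
        problems.append("name does not resolve")
    for addr in addrs:
        if not addr.is_private:
            problems.append(f"{addr} is a public address (public route still in use)")
        elif addr not in subnet:
            problems.append(f"{addr} is private but outside {subnet}")
    return {"fqdn": fqdn, "chain": chain,
            "addresses": [str(a) for a in addrs], "problems": problems}


def verify_all(expected=EXPECTED, lookup=FAKE_DNS, subnet=PRIVATE_ENDPOINT_SUBNET):
    """Verify every expected endpoint; an empty problems list means it passes."""
    return {fqdn: verify_endpoint(fqdn, zone, lookup, subnet)
            for fqdn, zone in expected.items()}


if __name__ == "__main__":
    for fqdn, result in verify_all().items():
        status = "OK  " if not result["problems"] else "FAIL"
        print(f"{status} {fqdn} -> {', '.join(result['addresses']) or 'unresolved'}")
        for problem in result["problems"]:
            print("     ", problem)
```

The check only means something when run from a host inside the VNet (or from the Power Platform delegated subnet's resolver path); the same names resolve to public addresses from the internet by design. To run it against real DNS, replace the FAKE_DNS lookup with a resolver that exposes the CNAME chain, since a plain address lookup hides the intermediate privatelink name that criterion 3 depends on.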

Additional Resources


Updated: January 2026 | Version: v1.2 | UI Verification Status: Current