NSG protects Azure resources from Unauthorized Access. In this post we can see the Features of Azure NSGs.
You can restrict Database Servers are only accessed from Application Servers thus protecting Legacy business data.
Rules can be configured to Allow access.
Rules can be configured to Deny access.
Restrictions can be set based on VNET
NSG offers the following flexibilities:
- Automatically created along with Azure Resources
- Inbound & Outbound rules are automatically created
- eg: Port 3359 Allow Rune for VM
- Reusability possible with multiple Azure Resources
- Create an NSG for VM and reuse across multiple VMs
- Tagging based restriction possible
- eg: VirtualMachine, AppService etc.
Create a VM > Observe NSG automatically created.
Try accessing the VM from Windows RDP. You should be able to login.
Delete the rule 3359. Wait for 1 minute for the NSG rule to be reflected. Try login again. You should be denied.
Inbound Rules restricts Incoming Traffic requests to the device.
Outbound Rules restricts Outgoing Traffic requests from the device.
In this post we have explored the features of NSGs and performed a Test experiment.