What are network security groups?

By Max from AzureGuru
Published in AZ-900 Training
January 03, 2021
1 min read
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.

A network security group enables you to filter network traffic to and from Azure resources within an Azure virtual network. You can think of NSGs like an internal firewall. An NSG can contain multiple inbound and outbound security rules that enable you to filter traffic to and from resources by source and destination IP address, port, and protocol.

A network security group can contain as many rules as you need, within Azure subscription limits. Each rule specifies these properties:

NameA unique name for the NSG.
PriorityA number between 100 and 4096. Rules are processed in priority order, with lower numbers processed before higher numbers.
Source or DestinationA single IP address or IP address range, service tag, or application security group.
ProtocolTCP, UDP, or Any.
DirectionWhether the rule applies to inbound or outbound traffic.
Port RangeA single port or range of ports.
ActionAllow or Deny.

When you create a network security group, Azure creates a series of default rules to provide a baseline level of security. You can’t remove the default rules, but you can override them by creating new rules with higher priorities.


  • Filter network traffic by using network security groups


AZ-900Network Security

Related Posts

What are service-level agreements (SLAs)?
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Social Media