If we are dealing with the subject of Azure networking, we must not forget the area of security.
As a tool for this, Azure networking offers the following options:
- NSG
- Application security groups
An NSG contains a list of rules that allow or deny network traffic for resources associated with VNets.
Currently, there are the following types of NSGs:
- NSG applied to a NIC
- NSG applied to a subnet
- NSG applied to a VM (only available in a classical deployment)
If an NSG is associated with a subnet, the rules apply to all resources that are connected to the subnet. However, you can further restrict your data traffic by setting up NSGs for NICs or VMs.
An NSG cannot be used concurrently with an endpoint access control list (ACL). We come next to the keyword rules, or rather NSG rules. In principle, rules are offered in two categories, namely rules for incoming traffic and rules for outgoing traffic. As an action for all rules, only the following operations are possible: allow traffic – deny traffic...