Implementing Network Security Groups
This tutorial will help you to learn about Implementing Network Security Groups. Security rules in network security groups helps you to filter the type of network traffic that can flow in and out of the virtual network subnets and network interfaces.
Create a network security group
There is a limitiation to how many network security groups you can create for each of them – Azure location and subscription. Follow the steps below –
- select, On the Azure portal menu or from the Home page, Create a resource.
- Subsequently, Networking, then select Network security group.
- In the Create network security group page, under the Basics tab, set values for the following settings:
Setting | Action |
---|---|
Subscription | Choose your subscription. |
Resource group | Choose an existing resource group, or select Create new to create a new resource group. |
Name | Enter a unique text string within a resource group. |
Region | Choose the location you want. |
- After that, Select Review + create.
- After you see the Validation passed message, select Create.
View all network security groups
Now, visit the Azure portal to see your network security groups. Search for and then choose Network security groups. The list of network security groups will appear for your subscription on the screen.
View details of a network security group
- Visit the Azure portal to view the network security groups created by you. Search for and then select the Network security groups.
- Also, Select the name of the network security group created by you.
In the menu bar for network security group, under the Settings, you can see the Inbound security rules, Outbound security rules, Network interfaces, and Subnets that the network security group is related with.
Under heading- Monitoring, you can enable or disable Diagnostic settings. Under the heading – Support + troubleshooting, you can view Effective security rules.
Change a network security group
- Visit the Azure portal to view your network security groups. Search for and select the option – Network security groups.
- Choose the name of the network security group that you want to change.
Delete a network security group
If a network security group is related to any subnets or network interfaces, it can’t be deleted. Dissociate a network security group from all subnets and network interfaces before trying to delete it.
- Firstly, visit Azure portal to view your network security groups. Search for and then choose Network security groups.
- Subsequently, Select the name of the network security group, that was created by you, you want to delete.
- In the network security group’s toolbar, lastly, select Delete. Then choose Yes in the confirmation dialog box to proceed further.
Create a security rule
There’s a limit to number of how many rules per network security group can be createD for each Azure location and subscription.
- Firstly, visit the Azure portal to view your network security groups. Search for and then select Network security groups.
- Select the name of the network security group to which you want to add security.
- In the network security group’s menu bar, choose one of them – Inbound security rules or Outbound security rules. Now, Several existing rules are listed, including some you might not have added. When you create a network security group, several default security rules are created in it.
- Now, Select Add. Select or add values according to the settings you want, and then select OK.
View details of a security rule
- Visit portal to view the rules of a network security group. Now, look for and select Network security groups.
- Subsequently, Select the name of the network security group that you want to view the details of a rule for.
- Now, In the network security group’s menu bar, choose one of them – Inbound security rules or Outbound security rules.
- Finally, Select the rule for which you want to view details.
Change a security rule
- Firstly, Complete the steps in View details of a security rule.
- Change the settings as per your need, and then select Save.
Delete a security rule
- Finish the steps in View details of a security rule.
- Choose Delete, and then select Yes.
Create an application security group
- Visit Azure portal menu or from the Home page, choose Create a resource.
- Enter Application security group In the search box.
- Now, In the Application security group page, select Create option.
- Subsequently, In the Create an application security group page, under the Basics tab, set values for the below mentioned settings:
Setting | Action |
---|---|
Subscription | Choose your subscription. |
Resource group | Choose an existing resource group, or select Create new to create a new resource group. |
Name | Enter a unique text string within a resource group. |
Region | Choose the location you want. |
- Choose Review + create.
- Subsequently, Under the Review + create tab, after you seeing the Validation passed message, choose Create.
View all application security groups
Visit the Azure portal to view your application security groups. Choose Application security groups. The Azure portal will be displaying a list of your application security groups.
View details of a specific application security group
- Visit the Azure portal to view an application security group. Choose Application security groups.
- Select the name of the application security group you wanted to see the details of.
Change an application security group
- Visit the Azure portal to see an application security group. choose Application security groups.
- Choose and view the name of the application security group that you want to change.
- Choose change next to the setting that you want to alter.
Delete an application security group
- Visit the Azure portal to manage your application security groups. Choose Application security groups.
- Subsequently, Select the name of the application security group that you wanted to remove or delete.
- Now choose Delete, and then select Yes to delete the security group.
Permissions
To perform tasks on network security groups, security rules, and application security groups, the account must be assigned to the Network contributor role or to a Custom role that will be assigning appropriate permissions for operations.
Reference documentation – Create, change, or delete a network security group