{"id":40695,"date":"2021-05-14T09:48:55","date_gmt":"2021-05-14T09:48:55","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=40695"},"modified":"2021-05-14T09:48:57","modified_gmt":"2021-05-14T09:48:57","slug":"what-is-azure-network-security-groups","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/","title":{"rendered":"What is Azure Network Security Groups?"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n\n\n\n<p>In this, we will learn the Azure Network Security Groups and its rule.<\/p>\n\n\n\n<p>You can use an Azure network security group for filtering network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. However, for each rule, you can specify source and destination, port, and protocol.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Security rules<\/strong><\/h5>\n\n\n\n<p>A network security group contains zero, or as many rules as desired, within Azure subscription limits. Each rule specifies the following properties:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"771\" height=\"514\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-2.png\" alt=\"Azure Network Security Groups rules\" class=\"wp-image-40784\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-2.png 771w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-2-600x400.png 600w\" sizes=\"auto, (max-width: 771px) 100vw, 771px\" \/><figcaption><strong>Image Source: Microsoft<\/strong><\/figcaption><\/figure><\/div>\n\n\n\n<p>Network security group security rules evaluate by priority using the 5-tuple information to allow or deny the traffic. You may not create two security rules with the same priority and direction. A flow record get creates for existing connections. Communication allowance or deny depends on the connection state of the flow record. The flow record allows a network security group to be stateful. However, if you specify an outbound security rule to any address over port 80, for example, it&#8217;s not necessary to specify an inbound security rule for the response to the outbound traffic. You only need to specify an inbound security rule if communication initiates externally. The opposite is also true. <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-free-practice-test\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" alt=\"Practice tests Azure Network Security Groups\"\/><\/a><\/figure><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Default security rules<\/strong><\/h5>\n\n\n\n<p>Azure creates the following default rules in each network security group that you create:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"791\" height=\"878\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-3.png\" alt=\"security rules\" class=\"wp-image-40785\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-3.png 791w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-3-360x400.png 360w\" sizes=\"auto, (max-width: 791px) 100vw, 791px\" \/><figcaption><strong>Image Source: Microsoft<\/strong><\/figcaption><\/figure><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Azure platform considerations<\/strong><\/h5>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, <strong>Virtual IP of the host node.<\/strong> Basic infrastructure services like DHCP, DNS, IMDS, and health monitoring are provided through the virtualized host IP addresses 168.63.129.16 and 169.254.169.254. These IP addresses belong to Microsoft and are the only virtualized IP addresses used in all regions for this purpose. Further, for overriding this basic infrastructure communication, you can create a security rule to deny traffic by using the service tags on your Network Security Group rules.<\/li><li>Secondly, <strong>Licensing (Key Management Service).<\/strong> Windows images running in virtual machines must have a license. To ensure licensing, a request is sent to the Key Management Service host servers that handle such queries. The request outbounds through port 1688. <\/li><li>Thirdly, <strong>Virtual machines in load-balanced pools<\/strong>. The source port and address range applied are from the originating computer, not the load balancer. The destination port and address range are for the destination computer, not the load balancer.<\/li><li>Then, <strong>Azure service instances<\/strong>. Instances of several Azure services, such as HDInsight, Application Service Environments, and Virtual Machine Scale Sets deploy in virtual network subnets. <\/li><li>Lastly, <strong>Sending outbound emails<\/strong>. Microsoft recommends that you utilize authenticated SMTP relay services to send email from Azure Virtual Machines. SMTP relay services specialize in sender reputation, to minimize the possibility that third-party email providers reject messages.<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-practice-exam\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-course.png\" alt=\"sc-900 online course\"\/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Reference:<\/strong> <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/virtual-network\/network-security-groups-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Documentation<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to Tutorial In this, we will learn the Azure Network Security Groups and its rule. You can use an Azure network security group for filtering network traffic to and from Azure resources in an Azure virtual network. A network security group contains security rules that allow or deny inbound network traffic to, or&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-40695","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is Azure Network Security Groups? - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Azure Network Security Groups? - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-14T09:48:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-2.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/\",\"name\":\"What is Azure Network Security Groups? - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2021-05-14T09:48:55+00:00\",\"dateModified\":\"2021-05-14T09:48:57+00:00\",\"description\":\"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is Azure Network Security Groups?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is Azure Network Security Groups? - Testprep Training Tutorials","description":"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/","og_locale":"en_US","og_type":"article","og_title":"What is Azure Network Security Groups? - Testprep Training Tutorials","og_description":"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2021-05-14T09:48:57+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc900-exam-2.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/","name":"What is Azure Network Security Groups? - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2021-05-14T09:48:55+00:00","dateModified":"2021-05-14T09:48:57+00:00","description":"Upgrade your knowledge by learning and understanding the Azure Network Security Groups. Prepare and pass the Microsoft SC-900 Exam Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/what-is-azure-network-security-groups\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"What is Azure Network Security Groups?"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=40695"}],"version-history":[{"count":5,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40695\/revisions"}],"predecessor-version":[{"id":40824,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40695\/revisions\/40824"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=40695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=40695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=40695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}