Network Security Groups in Azure — The Fundamentals , Which Direction to Apply Rules, What would source and target ports be, Does return reply traffic need to be explicitly permitted(1/3) ?

NSGs(Network Security Groups) are used to filter network traffic to and from Azure resources
INBOUND rules in NSG
OUTBOUND rules in NSG
NSG Rules are evaluated by priority,using the 5 tuple information
NSG Inbound and Outbound Rules

It must be noted that the above images for INBOUND/OUTBOUND rules under NSG (Azure portal) show only Source IP, Destination IP and ‘Destination’ Port.(when the portal does not explicitly mention ‘source’ or ‘destination’ port,it always reflects ‘destination’ port and omits showing ‘source’ port)

Complete Details on a NSG Rule
Illustration - NSG Evaluation
NSGs and Outbound Traffic from a VM - NIC and Subnet Levels
NSGs and Inbound Traffic to VM - Subnet and NIC Levels
NSG — Communication between Subnets in same VNET is allowed by default

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store