Network security group

• Limit network traffic to resources in a virtual network
• Contains a list of security rules that allow or deny inbound or outbound network traffic
• Can be associated to a subnet or a network interface

NSG Rules

• Security rules in NSs enable you to filter network traffic that can flow in and out of virtual network subnets and network interfaces
• There are default security rules. You cannot delete the default rules, but you can add other rules with a higher priority.

NSG Effective Rules

• NSGs are evaluated independently for the subnet and NIC
• An “allow” rule must exist at both levels for traffic to be admitted
• Use the Effective Rules link if you are not sure which security rules are being applied