Network Security Group (NSG), is an important component in Azures security. A Network Security Group provides security rules that allow or deny inbound network traffic to, or outbound network traffic from, various types of Azure resources. For every rule, you can specify source and destination, port, and protocol also. Azure Network Security Groups is a fully managed offering from Microsoft, and it works on layers 3 and 4 of the OSI model. Network Security Group can be linked with subnets of a VM or any subnets available within this network. A user can manage the Network Security Group of Azure using Azure portal, Azure CLI, Azure PowerShell.
Properties of a Network Security Group Rule-
- Name: Name should be unique within the Network Security Group.
- Priority: It follows number series, where lower numbers do have higher priority.
- Source or Destination: Should be IP address, CIDR block, Service Tag, or Application Security Group.
- Protocol: TCP, UDP, ICMP etc.
- Direction: Rule is applied for either inbound, or outbound traffic.
- Port range: Range should be 0-65535.
- Action: Allow or Deny
5-tuple hash is the evaluation to implement the Network Security Group (NSG) to allow or deny the traffic. This are
- Source IP
- Source Port
- Destination IP
- Destination Port
- Protocol












