NSGs are used to control inbound and outbound access to subnets, VMs and network interfaces (NICs). NSGs are not endpoint ACLs!
Each NSG contains one or more rules.
Each rule determines whether traffic is allowed or denied.
Allow or deny in each rule is based on source IP address, source port, destination IP address, and destination port.
Rules have priorities.
Each NSG contains some default rules from the moment it is created.
Size: 1.24 MB
Language: en
Added: Sep 19, 2024
Slides: 20 pages
Slide Content
Network Security Group. Presented by: Bhawna Vishwakarma. Course: B.Tech (CSE) 4th Sem
Overview: What is a Network Security Group (NSG)? How can we create, change, or delete a network security group (NSG)? What are ports? Types of ports. Uses of ports.
What Is a Network Security Group (NSG)? NSGs are used to control inbound and outbound access to subnets, VMs and network interfaces (NICs). NSGs are not endpoint ACLs! Each NSG contains one or more rules. Each rule determines whether traffic is allowed or denied. Allow or deny in each rule is based on source IP address, source port, destination IP address, and destination port. Rules have priorities. Each NSG contains some default rules from the moment it is created.
Default Security Rules. Azure creates the following default rules in each network security group that you create.
What is inbound traffic? Inbound traffic refers to data coming into an Azure resource, such as a virtual machine, from outside that resource. This traffic can come from the internet, other networks, or other Azure resources. Inbound traffic is subject to network security rules, which allow or restrict it based on criteria such as source IP address, port number, protocol, and more. It is important to configure inbound rules properly to ensure the security and performance of your Azure resources.
3. DenyAllInbound: Priority 65500; Source 0.0.0.0/0; Source ports 0-65535; Destination 0.0.0.0/0; Destination ports 0-65535; Protocol Any; Access Deny. NOTE: You can't remove the default rules, but you can override them by creating rules with higher priority (a lower priority number is evaluated first).
What is outbound traffic? Outbound traffic refers to data leaving an Azure resource, such as a virtual machine, and heading outside the Azure network. It originates inside the network and is intended for services located on the internet or outside the network. Firewalls primarily block incoming traffic from entering a network, but they can also prevent external connections from receiving outgoing traffic.
3. DenyAllOutBound: Priority 65500; Source 0.0.0.0/0; Source ports 0-65535; Destination 0.0.0.0/0; Destination ports 0-65535; Protocol Any; Access Deny. NOTE: You can't remove the default rules, but you can override them by creating rules with higher priority (a lower priority number is evaluated first).
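The rule-evaluation behaviour described above (rules tried in priority order, first 5-tuple match wins, DenyAll at 65500 as the fallback) as an added example that is not part of the slides. The DenyAllInbound rule is the one shown on the slide; the two Allow rules, the addresses and the ports are constructed for illustration, and Azure service tags (Internet, VirtualNetwork) are not modelled, only CIDRs.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int       # lower number = evaluated first (custom rules use 100-4096)
    source: str         # CIDR; "0.0.0.0/0" means any source
    source_ports: str   # "0-65535", "443" or "1000-2000"
    destination: str
    dest_ports: str
    protocol: str       # "Tcp", "Udp" or "Any"
    access: str         # "Allow" or "Deny"

def _port_in_range(port: int, spec: str) -> bool:
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def _addr_in(addr: str, cidr: str) -> bool:
    return ipaddress.ip_address(addr) in ipaddress.ip_network(cidr, strict=False)

def _matches(rule: Rule, src, sport, dst, dport, proto) -> bool:
    return (rule.protocol in ("Any", proto)
            and _addr_in(src, rule.source)
            and _addr_in(dst, rule.destination)
            and _port_in_range(sport, rule.source_ports)
            and _port_in_range(dport, rule.dest_ports))

def evaluate(rules, src, sport, dst, dport, proto="Tcp"):
    """Return (access, rule_name) for the first rule that matches, in priority order."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if _matches(rule, src, sport, dst, dport, proto):
            return rule.access, rule.name
    # Not reached while the default DenyAll rule is present: it matches everything.
    return "Deny", "<no rule>"

# Default rule exactly as on the slide; the Allow rules are constructed examples.
DENY_ALL_INBOUND = Rule("DenyAllInbound", 65500, "0.0.0.0/0", "0-65535", "0.0.0.0/0", "0-65535", "Any", "Deny")
ALLOW_HTTPS = Rule("AllowHttpsInbound", 100, "0.0.0.0/0", "0-65535", "10.0.1.0/24", "443", "Tcp", "Allow")
ALLOW_RDP_ADMIN = Rule("AllowRdpFromAdminNet", 110, "203.0.113.0/24", "0-65535", "10.0.1.0/24", "3389", "Tcp", "Allow")
INBOUND = [DENY_ALL_INBOUND, ALLOW_HTTPS, ALLOW_RDP_ADMIN]

if __name__ == "__main__":
    # HTTPS from anywhere is allowed; RDP is allowed only from the admin range,
    # everything else falls through to DenyAllInbound at priority 65500.
    print(evaluate(INBOUND, "198.51.100.7", 51000, "10.0.1.4", 443))
    print(evaluate(INBOUND, "198.51.100.7", 51000, "10.0.1.4", 3389))
    print(evaluate(INBOUND, "203.0.113.10", 51000, "10.0.1.4", 3389))
```

Running the same check over a real NSG's rule list is a quick way to confirm that a management port is reachable only from the ranges you intended before the DenyAll fallback is relied on.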
NSG Construct: Every NSG has a Name, a Location/Region, and a Resource Group Name.
How Can We Create, Change, or Delete a Network Security Group (NSG)? Work with network security groups: you can create, view all, view details of, change, and delete a network security group. You can also associate or dissociate a network security group from a network interface or a subnet.
In this section we are going to perform these actions on a network security group: create a network security group; delete a network security group; change a network security group; associate or dissociate a network security group to or from a subnet; create a security rule; delete a security rule.
Create a Network Security Group (in the Azure portal): select your Resource Group, enter your Name, select your Region, then click Review + Create.
Delete a Network Security Group (in the Azure portal): click Delete, then click Yes.
Change a Network Security Group: associate or dissociate a network security group to or from a subnet. First click Subnets, then click the three-dot menu. To associate: click Associate, then click Yes. To dissociate: click Dissociate, then click Yes.
Create a security rule (in the Azure portal): to create inbound or outbound rules, click the Inbound or Outbound option, click Add, fill in the information and ports, then click Yes.
Delete a security rule (in the Azure portal): to delete inbound or outbound rules, click the Inbound or Outbound option, select the rule you want to delete, click Delete, then click Yes.
What Is a Port? A port is a communication endpoint in a computer network or on the internet. It is identified by a unique number assigned to a specific type of network service. Microsoft Azure uses the following ports for communication (Protocol, Port, Description):
HTTP (Hypertext Transfer Protocol), port 80: foundation of data communication on the World Wide Web for transmitting hypertext between browsers and servers.
HTTPS (Hypertext Transfer Protocol Secure), port 443: secure version of HTTP, encrypting data exchanged between web browsers and servers, commonly used for secure transactions.
SSH (Secure Shell), port 22: secure protocol for remote access, providing encrypted communication for remote administration and file transfer.
RDP (Remote Desktop Protocol), port 3389: Microsoft's protocol for remote desktop access, allowing users to control a remote computer with a graphical interface.
Types of Ports / Uses of Ports (Protocol, Port, Description):
HTTP (Hypertext Transfer Protocol), port 80: standard unencrypted web traffic.
HTTPS (Hypertext Transfer Protocol Secure), port 443: encrypted web traffic using SSL/TLS.
SSH (Secure Shell), port 22: secure protocol for remote access, commonly used for managing virtual machines.
RDP (Remote Desktop Protocol), port 3389: Remote Desktop Protocol for accessing Windows-based virtual machines.
FTP (File Transfer Protocol), port 21: File Transfer Protocol for transferring files between systems.
FTPS (FTP Secure), port 990: secure version of FTP that uses SSL/TLS for encryption.
SFTP (SSH File Transfer Protocol), port 22: secure file transfer protocol using SSH for encryption.
SMTP (Simple Mail Transfer Protocol), port 25: Simple Mail Transfer Protocol for sending emails.
DNS (Domain Name System), port 53: resolves domain names to IP addresses.
SQL (Microsoft SQL Server), port 1433: default port for Microsoft SQL Server database connections.
HTTPS (Application Gateway), port 443: used by Azure Application Gateway for secure traffic handling.
Azure Storage (Blob, Table, Queue), port 443: secure access to Azure Storage services.
Azure Service Bus, port 5671: secure AMQP (Advanced Message Queuing Protocol) communication for Azure Service Bus.
Azure Active Directory (AAD), port 443: communication for Azure AD services, including authentication and authorization.
Azure Management, port 443: secure communication for Azure management services.
Azure Virtual Network VPN, ports 500 and 4500: IPsec VPN communication for connecting virtual networks.
Azure SQL Managed Instance, ports 1433 and 11000-11999: ports for connecting to Azure SQL Managed Instance.
Azure Key Vault, port 443: secure communication for Azure Key Vault, used for storing and managing secrets, keys, and certificates.