Organizations use virtual networks to enable resources to communicate with other resources, over the internet, and with on-premises networks. To provide secure communication and control access within a virtual network, you can use network security groups and network security group rules.

In this module, suppose your company has several sites. All users in the company will use an enterprise resource planning app to migrate to Azure. The company will only consider moving key systems onto the platform if stringent security requirements can be met. These requirements include tight control over which computers have network access to the servers running the app. You need to secure both virtual machine networking and Azure services networking. Your goal is to prevent unwanted or unsecured network traffic from being able to reach key systems.

You need to implement network security groups. You need to create network security group rules and ensure the rules are correctly applied.

Learning objectives

In this module, you learn how to:

  • Determine when to use network security groups.
  • Implement network security group rules.
  • Evaluate network security group effective rules.
  • Examine advantages of application security groups.

Skills measured

The content in the module helps you prepare for Exam AZ-104: Microsoft Azure Administrator. The module concepts are covered in:

Configure and manage virtual networking (25–30%)

  • Secure access to virtual networks
    • Create security rules.
    • Associate a network security group (NSG) to a subnet or network interface.
    • Evaluate effective security rules.