Segment and isolate Azure workloads using network security controls
Intermediate
Security Engineer
Azure
Azure Virtual Network
Azure Network Watcher
Segment Azure workloads to control lateral movement and enforce least-privilege network access using NSGs, ASGs, Azure Virtual Network Manager, and Network Watcher verification.
Learning objectives
After completing this module, you'll be able to:
- Assess a virtual network topology to identify lateral movement risk and network segmentation gaps
- Configure NSG rules to enforce least-privilege access between Azure workloads
- Use ASGs to simplify and maintain NSG rule sets for grouped workloads
- Configure Azure Virtual Network Manager security admin rules to enforce organization-wide network policies
- Verify effective network security rules using Network Watcher diagnostics
Prerequisites
- Familiarity with Azure virtual networks and subnets
- Experience deploying Azure resources in the Azure portal
- Basic understanding of network security groups and port-based traffic filtering