neil.bailie/ January 22, 2018/ Azure Networking, Microsoft Azure/ 0 comments

Augmented rules for Network Security Groups (NSGs) have gone GA!

Having used NSGs extensively since I started working in Azure, I know augmented security rules will make NSGs much easier to build out and manage.  You now have the capability to create a single rule with multiple source IPs, destination IPs, and ports, something that previously would have required multiple rules.

Take the following example: I want to permit my source machine (10.0.0.50) to talk to 2 web servers (10.10.10.100 & 10.10.10.101) over HTTP and HTTPS. Before augmented rules this would have required 4 rules, as shown below:

Network Security Group


With augmented rules now available this can be consolidated into a single rule:

Augmented rules can be created using the Azure Portal, PowerShell, CLI or JSON. The example below shows just how simple this process is in the Azure Portal, where commas separate the values!

Time to start tidying up NSGs!!
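For that tidy-up, here is an added example (not part of the original post) that merges single-value rules into one augmented rule only when they already cover every source, destination and port combination, because an augmented rule matches the full cross product of its lists. Field names follow the ARM JSON rule schema; the `consolidate` and `rule` helpers, the priorities, the inbound direction and the TCP protocol are assumptions, and the rules are assumed to sit next to each other in priority with no other rule between them.

```python
from itertools import product

# Single-value fields of a pre-augmented rule and their augmented (plural) forms.
MERGE = {
    "sourceAddressPrefix": "sourceAddressPrefixes",
    "destinationAddressPrefix": "destinationAddressPrefixes",
    "destinationPortRange": "destinationPortRanges",
}
MUST_MATCH = ("protocol", "access", "direction", "sourcePortRange")


def consolidate(rules):
    """Return one augmented rule equivalent to `rules`, or None if unsafe."""
    if not rules:
        return None
    first = rules[0]
    if any(r[k] != first[k] for r in rules for k in MUST_MATCH):
        return None
    values = {k: sorted({r[k] for r in rules}) for k in MERGE}
    covered = {tuple(r[k] for k in MERGE) for r in rules}
    # An augmented rule matches every source x destination x port combination,
    # so merging is only safe when the originals already allow all of them.
    if covered != set(product(*values.values())):
        return None
    merged = {k: first[k] for k in MUST_MATCH}
    merged["priority"] = min(r["priority"] for r in rules)
    merged.update({MERGE[k]: v for k, v in values.items()})
    return merged


def rule(dst, port, priority):
    # Constructed sample data using the addresses from the post's example;
    # protocol, direction and priority values are assumptions.
    return {"protocol": "Tcp", "access": "Allow", "direction": "Inbound",
            "sourcePortRange": "*", "sourceAddressPrefix": "10.0.0.50",
            "destinationAddressPrefix": dst, "destinationPortRange": port,
            "priority": priority}


FOUR_RULES = [rule("10.10.10.100", "80", 100), rule("10.10.10.100", "443", 110),
              rule("10.10.10.101", "80", 120), rule("10.10.10.101", "443", 130)]

if __name__ == "__main__":
    import json
    print(json.dumps(consolidate(FOUR_RULES), indent=2))
    # Only three of the four combinations: merging would widen access.
    print(consolidate(FOUR_RULES[:3]))
```

The second call returns `None` because 10.10.10.101 was never allowed on 443, so collapsing those three rules into one would open a flow that no original rule permitted.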

In a future post I’ll write about Application Security Groups and what they bring to enhance NSG usability further.

More information on augmented rules can be found here (https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#augmented-security-rules)
