Implement Network Security Groups (NSGs) and Application Security Groups (ASGs) in Azure
Secure Azure VMs using Network Security Groups and Application Security Groups. Create rules, control traffic flow, and implement least privilege access.
Lab overview
Network Security Groups (NSGs) act as cloud-based firewalls that control network traffic to Azure resources. Application Security Groups (ASGs) let you group virtual machines by application role, making security rules easier to manage and scale. Together, they help you implement secure multi-tier architectures without managing individual IP addresses.
In this lab, you will secure a two-tier web application using NSGs and ASGs. You'll create application security groups for web and database tiers, configure network security rules, and test how priority-based rule evaluation controls traffic between application layers.
Objectives
Upon completion of this beginner level lab, you will be able to:
- Create and assign Application Security Groups to organize VMs by application tier
- Deploy a Network Security Group and associate it with virtual network subnets
- Configure custom inbound security rules using priority-based evaluation
- Implement least privilege security by combining allow and deny rules with ASGs
- Test and validate security configurations to verify allowed and blocked traffic flows
Who is this lab for?
This lab is designed for:
- Azure Administrators managing virtual network security
- Cloud Security Engineers implementing network-level controls
- IT Professionals preparing for Azure certifications (AZ-104, AZ-500)
- DevOps Engineers maintaining scalable security policies
- Anyone new to Azure networking and security concepts
Verified against your live environment
An automated validation engine inspects your actual resources and configurations as you work. Completion means the task was performed — not multiple choice, real-world proficiency.
More labs like this
Creating a Web App on Azure App Service using Azure Portal
Learn how to create, configure, and deploy a web application using Azure App Service through the Azure Portal's interface.
Configure Azure Monitor Alerts and Action Groups for App Service
Create metric alerts, log search alerts, and action groups to monitor an Azure App Service and respond to threshold breaches.
Creating and Deploying Azure Functions using Azure Functions Core Tools
In this lab, you will learn how to create and deploy Azure Functions using Azure Functions Core Tools.
Related reading
Environment
Every lab includes
- Real environment, pre-credentialed
- Automated checks on every step
- Isolated sandbox, auto cleanup
- AI-recommended next steps
Lab curriculum
- 01
Logging into Azure Account using Azure Portal
- 02
Introduction and Lab Overview
- 03
Creating and Assigning Application Security Groups (ASGs)
2 automated checks
- 04
Creating and Associating Network Security Groups (NSGs)
1 automated check
- 05
Creating and Testing Security Rules
1 automated check
Not the lab you were looking for?
Browse 150+ hands-on labs across AWS, Azure, Kubernetes, Docker, and cloud security.