Objective

Hands-on practice with network security group techniques.

Tools & Technologies

  • Azure NSG
  • AWS Security Groups
  • iptables

Key Commands

az network nsg rule create
aws ec2 authorize-security-group-ingress
iptables -A INPUT -s 10.0.0.0/8 -j ACCEPT

Lab Steps

01 Azure NSG Rules

Create inbound and outbound rules in Azure NSGs with priority ordering.

02 AWS Security Groups

Configure stateful security groups for EC2 instances.

03 Rule Priority

Understand how priority numbers affect rule evaluation order.

04 Least Privilege

Apply principle of least privilege — deny all, allow only what is needed.

Challenges Encountered

  • Overlapping rules with different priorities cause unexpected behavior
  • NSG changes take effect immediately and can break running connections
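
The priority behavior from step 03 and the overlapping-rule challenge above can be reproduced offline with a small model of Azure NSG inbound evaluation (lowest priority number first, first match wins). This is an added example, not code from the lab; the rule names, addresses and the TCP-only, single-CIDR simplification are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str        # hypothetical rule name
    priority: int    # Azure NSG: lower number is evaluated first
    source: str      # source CIDR
    ports: range     # destination port range (stop is exclusive)
    access: str      # "Allow" or "Deny"

    def matches(self, src_ip, port):
        net = ipaddress.ip_network(self.source)
        return ipaddress.ip_address(src_ip) in net and port in self.ports

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        mine = ipaddress.ip_network(self.source)
        theirs = ipaddress.ip_network(other.source)
        return (theirs.subnet_of(mine)
                and other.ports.start >= self.ports.start
                and other.ports.stop <= self.ports.stop)

def evaluate(rules, src_ip, port):
    """Return (access, rule name) for the first matching rule by priority."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(src_ip, port):
            return rule.access, rule.name
    return "Deny", "DenyAllInBound"  # Azure's default inbound rule at 65500

def shadowed(rules):
    """List (rule, shadowing rule, conflicting?) for rules that can never match."""
    ordered = sorted(rules, key=lambda r: r.priority)
    findings = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if earlier.covers(later):
                findings.append((later.name, earlier.name,
                                 earlier.access != later.access))
                break
    return findings

# Constructed rule set: the admin allow is listed first but has the higher number.
RULES = [
    Rule("allow-ssh-admin", 300, "10.1.2.0/24", range(22, 23), "Allow"),
    Rule("deny-ssh-internal", 200, "10.0.0.0/8", range(22, 23), "Deny"),
    Rule("allow-https", 400, "0.0.0.0/0", range(443, 444), "Allow"),
]

if __name__ == "__main__":
    print(evaluate(RULES, "10.1.2.5", 22))
    print(shadowed(RULES))
```

Running `shadowed` over an exported rule set before applying a change flags allow rules that a broader, lower-numbered deny makes unreachable, which is the usual cause of the unexpected behavior noted above.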

Key Takeaways

  • Cloud security groups are stateful — return traffic is automatically allowed
  • Always audit security group rules periodically for stale entries