Network Security Group (NSG) defines a set of access rules to control the incoming and outgoing traffic for an Azure Resource. We can think of it as a firewall in Azure. We can apply this NSG to either of the three levels.
- VNet level
- Subnet level
- VM (NIC) level
NSG acts as a filter for the inbound and outbound traffic for the resource.
Any web request made to an azure resource (configured with NSG) has to pass all the filters to enter the resource, and the same applies to out-going requests as well.
Typically, NSG rules look like this in Azure.