Azure Documentation

Associate Network Interface (NIC) with Network Security Group (NSG)

Introduction

Network Security Groups (NSGs) are fundamental to securing your Azure resources by filtering network traffic. Associating an NSG with a Network Interface (NIC) ensures that the security rules defined in the NSG are applied directly to the virtual machine's network adapter. This tutorial guides you through the process of associating an existing NSG with a NIC of a virtual machine in the Azure portal.

Prerequisites

  • An active Azure subscription.
  • A deployed Azure virtual machine.
  • An existing Azure Network Security Group.

Note: If you don't have an NSG, you can create one before proceeding. Navigate to "Network security groups" in the Azure portal and click "Create".

Steps

Step 1: Navigate to the Virtual Machine

  1. Sign in to the Azure portal.
  2. In the search bar at the top, type "Virtual machines" and select it from the search results.
  3. Locate and click on the virtual machine you want to configure.

Step 2: Access Network Interface Settings

  1. On the virtual machine's overview page, scroll down to the "Settings" section in the left-hand menu.
  2. Click on "Networking".
  3. Under the "Network interface" section, click on the name of the network interface. This will take you to the NIC's configuration page.

Step 3: Associate Network Security Group

  1. On the Network Interface page, in the left-hand menu, click on "Network security group".
  2. You will see the current NSG association status. If no NSG is associated, it will typically say "None".
  3. Click the "Edit" button.

Step 4: Select and Save NSG

  1. In the "Associate network security group" pane that appears, under "Network security group", select your desired NSG from the dropdown list.
  2. If you wish to create a new NSG instead, click "Create new".
  3. Once you have selected the NSG, click the "Save" button.

Verification

After saving, you can verify the association:

  • Navigate back to the Networking settings of your virtual machine.
  • The "Network interface" section should now display the name of the NSG you just associated.
  • Alternatively, go to the Network Security Group resource itself and check its "Network interfaces" tab. It should list your VM's NIC.

Important: Changes to NSG rules can affect network connectivity. Ensure that your NSG rules are correctly configured to allow necessary traffic and deny unwanted traffic.

Conclusion

You have successfully associated a Network Security Group with a virtual machine's Network Interface. This is a crucial step in implementing your network security strategy in Azure. Remember to regularly review and update your NSG rules as your application requirements evolve.

For more advanced configurations and considerations, refer to the official Azure NSG documentation.

Back to Top