Final answer:
Network security groups (NSGs) are essential for managing network security, with core features like filtering rules, default rules, rule priority, stateful inspection, the ability to be associated with multiple subnets and network interfaces, and audit logging capabilities.
Step-by-step explanation:
Core Features of Network Security Groups
Network security groups (NSGs) play a critical role in managing the network security for cloud environments. Some core features of NSGs include:
- Filtering Rules: NSGs allow the definition of inbound and outbound filtering rules to control traffic to and from network interfaces (NICs), virtual machine (VM) instances, and subnets.
- Default Rules: NSGs include default rules that allow or deny traffic, ensuring basic network connectivity and security is maintained.
- Priority of Rules: NSGs prioritize rules using a numbering system, where lower numbers have higher priority. This allows for explicit control over the traffic flow.
- Stateful Inspection: NSGs are stateful, meaning the replies to allowed inbound traffic are automatically allowed to flow out, and the same applies to outbound traffic.
- Association: NSGs can be associated with multiple subnets and network interfaces within the same region, allowing for flexible security strategies.
- Audit Logging: NSGs support logging capabilities for rules, which aids in monitoring, diagnosing and compliance reporting.
These features work together to protect networks against unauthorized access while enabling legitimate communication within and across network boundaries.