Network Security Group (NGS), Firewall and DDoS Protection
Last updated
Last updated
Concept is to enforce security through all the layers of your application
Data
- i.e virtual network endpoint
Application
- i.e API Management
Compute
- i.e Limit Remote Desktop access, Windows Update
Network
- i.e NSG, use of subnets, deny by default
Perimeter
- i.e DDoS, Firewalls
Identity & access
- i.e Azure AD
Physical
- i.e Door locks and key cards
Basically a collection of ports that are allowed
NGS is a very simplistic set of rules
When used right you can turn of a lot of access
Denly by default
Is more of an intelligent device that will analyze traffic that comes in
Will analyze certain bad patterns
Example: Block SQL Injection attacks and XSS attacks