Network Security Group (NSG) vs Application Security Group

Home » Azure Cheat Sheets » Comparison of Azure Services » Network Security Group (NSG) vs Application Security Group

Network Security Group (NSG) vs Application Security Group

Last updated on March 20, 2023

 

Network Security Group

Application Security Group

Description

A network security group is used to enforce and control network traffic.

An application security group is an object reference within an NSG.

Features

Controls the inbound and outbound traffic at the subnet level.

Controls the inbound and outbound traffic at the network interface level.

Rules

Rules are applied to all resources in the associated subnet.

Rules are applied to all ASGs in the same virtual network.

Direction

Has separate rules for inbound and outbound traffic.

Has separate rules for inbound and outbound traffic.

Limits

NSG has a limit of 1000 rules.

ASGs that can be specified within all security rules of an NSG have a limit of 100 rules.

Action

Supports ALLOW and DENY rules.

Supports ALLOW and DENY rules.

Constraints

You are not allowed to specify multiple IP addresses and IP address ranges in the NSG created by the classic deployment model.

You are not allowed to specify multiple ASGs in the source or destination.

 

Network Security Group (NSG) vs Application Security Group Resources:

https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
https://docs.microsoft.com/en-us/azure/virtual-network/application-security-groups

Tutorials Dojo portal

Be Inspired and Mentored with Cloud Career Journeys!

Tutorials Dojo portal

Enroll Now – Our Azure Certification Exam Reviewers

Tutorials dojo strip

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

Written by: Jon Bonso

Jon Bonso is the co-founder of Tutorials Dojo, an EdTech startup and an AWS Digital Training Partner that provides high-quality educational materials in the cloud computing space. He graduated from Mapúa Institute of Technology in 2007 with a bachelor's degree in Information Technology. Jon holds 10 AWS Certifications and is also an active AWS Community Builder since 2020.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?