Creating NSG rules
Now that we have associated the NSG with its default rules with a subnet, we need to create a new NSG rule that will deny Remote Desktop Protocol (RDP) traffic from the internet to the entire VNet. In order to do this, we need to do the following:
- Navigate to the Azure portal by opening a web browser and visiting https://portal.azure.com/#home.
- In the left menu, select All resources, and in the search bar, type
network security group
. Select the NSG we created earlier – in my case, it will be Prod-NSG:
- Under the Settings pane, select Inbound security rules and click on Add:
- Next, under Source, select Service Tag, and under Source service tag, select Internet from the dropdown list. Next, leave Source port ranges with an asterisk sign. Destination will be the VirtualNetwork...