Overview
ASGs enable you to define fine-grained network security policies based on workloads, centralized on applications, instead of explicit IP addresses. Provides the capability to group VMs with monikers and secure applications by filtering traffic from trusted segments of your network.
Implementing granular security traffic controls improves isolation of workloads and protects them individually. If a breach occurs, this technique limits the potential impact of lateral exploration of your networks from hackers.
In this blog post, you learn how to:
- Create an application security group
-
Associate an application security group to a Virtual Machines
Create application security groups
If you prefer, you can complete this tutorial using the Azure CLI or PowerShell.
If you don’t have an Azure subscription, create a free account before you begin.
Sign in to Azure
Sign in to the Azure portal at https://portal.azure.com.
Select + Create a resource on the upper, left corner of the Azure portal.
In the Search the Marketplace box, enter Application security group. When Application security group appears in the search results, select it, select Application security group again under Everything, and then select Create.
Enter, or select, the following information, and then select Create:
| Setting | Value |
| Name | myASG |
| Subscription | Select your subscription. |
| Resource group | Select Use existing and then select your ResourceGroup. |
| Location | West Europe |
Associate Virtual Machine to Application security group
In the virtual machine blade, locate the Networking settings
In the Networking settings, select the Configure the application security groups
Click Save to commit the change
Application security groups successfully created.
Abou Conde's Blog 