Also read Azure Firewall versus NSGs and GCP Firewall Rules

NSGs are also network level allow deny rules. They can be applied at a Network Interface level or a subnet level.

Best practices is to apply NSGs at the subnet level or network interface level , but not both.

So, how is Azure Firewall any different?

Azure Firewall is a managed firewall service. As opposed to NSGs, it can filter Layer 7 (http,https) application traffic as well.  Azure Firewall provides the same capabilities as an NSG, plus more.




Need an experienced Cloud Networking or a Cloud Data Protection Expert?  Anuj has successfully delivered over a dozen deployments on each of the public clouds (AWS/GCP/Azure) including several DevSecOps engagements. Set up a time with Anuj Varma.

Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.

Initial Consultation

Anuj Varma – who has written posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.

 Twitter Linkedin