Configure Application Security Groups in Azure

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

Application Security Groups (ASG) are a feature within Azure that helps simplify the management of Network Security Group (NSG) rules.

In this lab, you will have the opportunity to learn about how to create and implement an ASG for some pre-configured network resources.

After completing this lab, you will be familiar with the purpose of an ASG, how to create one, and how to associate it with a virtual machine and NSG.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an Application Security Group

Use the Azure Portal to perform the following tasks. Please log in with the credentials provided to you for this lab.

Please take note of the region in use for all of the resources that have been deployed for you, as we will need to use the same region in the following steps.

Create an Application Security Group

  1. Click on the + Create a resource option.
  2. Search for ‘application security group’.
  3. Choose the ‘application security group’ option, then click on ‘Create’
  4. Create the application security group with the following settings:
    • Subscription: select the existing subscription
    • Resource group: select the existing resource group
    • Name: webvms-asg
    • Region: select the region in use for your existing resources
      1. Click on Review + create
Associate WEBVM1 with the Application Security Group

Use the Azure Portal to perform the following tasks. Please log in with the credentials provided to you for this lab.

We need to associate our WEBVM1 with the application security group that we just created.

Associate WEBVM1 with the Application Security Group

  1. Click on Virtual machines option.
  2. Select the provided virtual machine.
  3. Click on Networking.
  4. Choose the Application security groups.
  5. From the dropdown that appears, select the security group that we created, then select Save.
Update the Network Security Group to use the Application Security Group

Use the Azure Portal to perform the following tasks. Please log in with the credentials provided to you for this lab.

Update the Network Security Group to use the Application Security Group

  1. Navigate to the network security group, shared-nsg, which has been created for you. You may search for shared-nsg, access via all resources, or through the ‘Network Security Groups’ service page.
  2. Click on Inbound security rules in the Settings section of the resource menu on the left-hand side.
  3. Click on the existing rule, allow_rdp_webservers, within the working pane (middle of the screen).
  4. Set the Destination, to be Application security group.
  5. Select webvms-asg, which you created in a previous objective, for the Destination application security group.
  6. Click on Save.

Note: You may now choose to verify that the network security group is working as expected by connecting to webvm1 using RDP.

To do so, use an RDP client from your computer, and connect via the public IP address.

The credentials are as follows:

  • Username: azureuser
  • Password: labh0l-526-learn!

Additional Resources

You have recently been hired as an Azure security engineer, and you are now responsible for the management of network security groups within an existing environment.

Your manager has asked you to help simplify the management of an existing network security group by using application security groups.

You must create an application security group, associate it with an existing virtual machine, and configure security rules within an existing network security group.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?