Application Security Groups now available to the public
Application security groups (ASGs) enable you to define fine-grained network security policies based on workloads, applications, or environments instead of explicit IP addresses. You can group VMs with named monikers and secure applications by filtering traffic from trusted segments of your network.
Implementing granular security traffic controls improves isolation of workloads and protects them individually. If a breach occurs, this technique limits the potential impact of lateral exploration of your networks from hackers.
With Application Security Groups, filtering traffic based on applications patterns is simplified, and,
along with the latest improvements in network security groups (NSGs), bring the following benefits:
- A unified management experience.
- Increased limits on multiple dimensions.
- Greater simplification.
- A natural expression of security policies.
For more details see the NSG overview article, which also explains ASGs.
Learn how to implement NSGs and ASGs on the following tutorial.
Offer suggestions and feedback for ASGs, as well as future scenarios through our user voice channel. Stay tuned for more interesting updates in the network security space from Azure.
Source: Azure Roadmap