|
1 | 1 | --- |
2 | | -title: Introduction to Network Configuration Diagnostics in Azure Network Watcher | Microsoft Docs |
3 | | -description: This page provides an overview of the Network Watcher - NSG Diagnostics |
| 2 | +title: Introduction to NSG Diagnostics in Azure Network Watcher |
| 3 | +description: Learn about Network Security Group (NSG) Diagnostics tool in Azure Network Watcher |
4 | 4 | services: network-watcher |
5 | | -documentationcenter: na |
6 | 5 | author: halkazwini |
7 | 6 | ms.service: network-watcher |
8 | | -ms.topic: article |
9 | | -ms.tgt_pltfrm: na |
10 | | -ms.workload: infrastructure-services |
11 | | -ms.date: 01/04/2023 |
12 | | -ms.custom: engagement-fy23 |
13 | 7 | ms.author: halkazwini |
| 8 | +ms.reviewer: shijaiswal |
| 9 | +ms.topic: conceptual |
| 10 | +ms.workload: infrastructure-services |
| 11 | +ms.date: 01/20/2023 |
| 12 | +ms.custom: template-concept, engagement-fy23 |
14 | 13 | --- |
15 | 14 |
|
16 | 15 | # Introduction to NSG Diagnostics in Azure Network Watcher |
17 | 16 |
|
18 | | -The NSG Diagnostics tool helps customers understand which traffic flows will be allowed or denied in your Azure Virtual Network along with detailed information for debugging. It can help you in understanding if your NSG rules are configured correctly. |
| 17 | +The Network Security Group (NSG) Diagnostics is an Azure Network Watcher tool that helps you understand which network traffic is allowed or denied in your Azure Virtual Network along with detailed information for debugging. It can help you in understanding if your NSG rules are configured correctly. |
19 | 18 |
|
20 | | -## Pre-requisites |
21 | | -For using NSG Diagnostics, Network Watcher must be enabled in your subscription. See [Create an Azure Network Watcher instance](./network-watcher-create.md) to enable. |
| 19 | +> [!NOTE] |
| 20 | +> To use NSG Diagnostics, Network Watcher must be enabled in your subscription. See [Create an Azure Network Watcher instance](./network-watcher-create.md) to enable. |
22 | 21 |
|
23 | 22 | ## Background |
24 | 23 |
|
25 | | -- Your resources in Azure are connected via Virtual Networks (VNETs) and subnets. The security of these VNets and subnets can be managed using a Network Security Group (NSG). |
26 | | -- An NSG contains a list of security rules that allow or deny network traffic to resources it is connected to. NSGs can be associated with subnets, individual VMs, or individual network interfaces (NICs) attached to VMs. |
| 24 | +- Your resources in Azure are connected via [virtual networks (VNets)](../virtual-network/virtual-networks-overview.md) and subnets. The security of these VNets and subnets can be managed using [network security groups (NSGs)](../virtual-network/network-security-groups-overview.md). |
| 25 | +- An NSG contains a list of [security rules](../virtual-network/network-security-groups-overview.md#security-rules) that allow or deny network traffic to resources it's connected to. An NSG can be associated to a virtual network subnet or individual network interface (NIC) attached to a virtual machine (VM). |
27 | 26 | - All traffic flows in your network are evaluated using the rules in the applicable NSG. |
28 | | -- Rules are evaluated based on priority number from lowest to highest |
| 27 | +- Rules are evaluated based on priority number from lowest to highest. |
29 | 28 |
|
30 | 29 | ## How does NSG Diagnostics work? |
31 | 30 |
|
32 | | -For a given flow, the NSG Diagnostics tool runs a simulation of the flow and returns whether the flow would be allowed (or denied) and detailed information about rules allowing/denying the flow. Customers must provide details of a flow like source, destination, protocol, etc. The tool returns whether traffic was allowed or denied, the NSG rules that were evaluated for the specified flow and the evaluation results for every rule. |
| 31 | +For a given flow, after you provide details like source and destination, the NSG Diagnostics tool runs a simulation of the flow and returns whether the flow would be allowed or denied with detailed information about the security rule allowing or denying the flow. |
33 | 32 |
|
34 | 33 | ## Next steps |
35 | 34 |
|
|
0 commit comments