Thank you very much, please share it around, I could do with the extra subs. There are a number of videos in this series lined up for release interwined with some off topic videos
No problem, i will be making a whole series on these and then moving onto the next course, it’s it material to back up my teaching but I hope more people watch and get something out of it
It may look that way when you first see them but it is not the case. An NSG can be attached to a subnet or a vNIC of a VM, it does not understand anything about the traffic other than port numbers and the IPs of where it has come from and is going too. Think of it like a moat around a castle, it does not do anything but you can only cross where there is a bridge (allow port in the NSG). This also combines with JIT or Just In Time Administration, you can think of this as a drawbridge rather than a permanent crossing of the moat, it only comes down and allows traffic for a certain amount of time and for certain people. The firewall is more like the walls of the castle combined with the guards on the castle walls, the traffic that is passing through the firewall (into the castle) can be looked at in more detail and with the premium firewall offerings the content of the packets can be scanned. Like the guards inspecting people as they come through the gates. The traffic can also be route to different locations with NAT rules and ports can be translated. Like the guards telling people they can only follow a certain path. Both are used together when building a secure network. I hope this helps
That would entirely depend on how you have designed the solution you are deploying. Please take a look at my networking video ruclips.net/video/jLlamtvxrS0/видео.html and my virtual machines video ruclips.net/video/o7sOKK1cfMw/видео.html and it should help to clear that up for you
Great explanation. Thanks Micheal!
Thank you very much! Hope you enjoy the other videos in this series
I just found out about this great series. It needs more views. Thanks for keeping uploading.
Thank you very much, please share it around, I could do with the extra subs. There are a number of videos in this series lined up for release interwined with some off topic videos
Thanks Michael
No problem, i will be making a whole series on these and then moving onto the next course, it’s it material to back up my teaching but I hope more people watch and get something out of it
how is a firewall different than an NSG? don't they both do the same thing?
It may look that way when you first see them but it is not the case.
An NSG can be attached to a subnet or a vNIC of a VM, it does not understand anything about the traffic other than port numbers and the IPs of where it has come from and is going too. Think of it like a moat around a castle, it does not do anything but you can only cross where there is a bridge (allow port in the NSG). This also combines with JIT or Just In Time Administration, you can think of this as a drawbridge rather than a permanent crossing of the moat, it only comes down and allows traffic for a certain amount of time and for certain people.
The firewall is more like the walls of the castle combined with the guards on the castle walls, the traffic that is passing through the firewall (into the castle) can be looked at in more detail and with the premium firewall offerings the content of the packets can be scanned. Like the guards inspecting people as they come through the gates. The traffic can also be route to different locations with NAT rules and ports can be translated. Like the guards telling people they can only follow a certain path.
Both are used together when building a secure network.
I hope this helps
@@mwcloud thank you for the long answer. if i understand correctly, traffic is first evaluated by an NSG and then by firewall?
That would entirely depend on how you have designed the solution you are deploying. Please take a look at my networking video ruclips.net/video/jLlamtvxrS0/видео.html and my virtual machines video ruclips.net/video/o7sOKK1cfMw/видео.html and it should help to clear that up for you