Cloud | Anders Eide

Network Security Groups (NSG) is one of the new network features that’s available in Azure. At least as long we are using the data center in North Europe (https://azure.microsoft.com/en-us/updates/new-networking-features-now-available-in-the-north-europe-region/). By leveraging NSGs we are able to control inbound and outbound network traffic all the way down to each separate VM. This is great in those cases where we have to implement high security and hard policies on our services. For example between the public facing endpoints and backend servers in a SharePoint deployment.

Concept drawing of Network Security Groups

To use it, we need version 0.8.10 of the Azure PowerShell module, and the commands are

Get-AzureNetworkSecurityGroup
Get-AzureNetworkSecurityGroupConfig
Get-AzureNetworkSecurityGroupForSubnet
New-AzureNetworkSecurityGroup
Remove-AzureNetworkSecurityGroup
Remove-AzureNetworkSecurityGroupConfig
Remove-AzureNetworkSecurityGroupFromSubnet
Remove-AzureNetworkSecurityRule
Set-AzureNetworkSecurityGroupConfig
Set-AzureNetworkSecurityGroupToSubnet
Set-AzureNetworkSecurityRule

The function is somehow self explained and the link at the bottom of this post explains it even a little bit more. But the best way to get to know them is to use Get-Help, and then just try 🙂

Documentation

About Network Security Groups
http://msdn.microsoft.com/en-us/library/azure/dn848316.aspx

This is probably one of the most blogged topics, so this post is mostly a helper for myself; to document how to access the different Online and Cloud services from Microsoft via PowerShell.

Windows Azure Active Directory – http://aka.ms/aadposh
Windows Azure – http://www.windowsazure.com/en-us/documentation/articles/install-configure-powershell/
Exchange Online – http://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx
Exchange Online Protection – http://technet.microsoft.com/en-US/library/dn621036(v=exchg.150).aspx
SharePoint Online – http://technet.microsoft.com/en-us/library/fp161388.aspx
Lync Online – http://technet.microsoft.com/en-us/library/dn362795.aspx

Windows Azure Active Directory is easy

$MsolCredential = Get-Credential
Connect-MsolService -Credential $MsolCredential

Windows Azure has multiple ways of doing it, but for quick access just

Add-AzureAccount

Exchange Online is a bit longer

# Set credentials
$UserCredential = Get-Credential

# Configure Session
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

# Import Session
Import-PSSession $Session

# Prefix trick when importing Session
Import-PSSession $Session -Prefix "EO"

# Turns for example Get-Mailbox into Get-EOMailbox. Could get handy
# Exit Session
Remove-PSSession $Session

SharePoint Online is no pain at all

Connect-SPOService -Url https://contoso-admin.sharepoint.com -credential admin@contoso.com

Lync Online is more like Exchange

$credential = Get-Credential

$session = New-CsOnlineSession -Credential $credential

Import-PSSession $session

Remove-PSSession $session

Share this:

Share this: