Configuring network security group settings - BlueCat Integrity - 9.5.0

BlueCat Azure Virtual Appliances

Product name
BlueCat Integrity
Add rules to allow specific traffic to reach your instance as needed. BlueCat recommends the following minimum set of firewall rules for BlueCat Azure Virtual Appliances:
BlueCat Address Manager for Azure BlueCat DNS for Azure
  • HTTP port 80
  • HTTPS port 443
  • SSH port 22
  • Custom UDP Rule with port number 10045 for notifications
  • SSH port 22
  • Custom UDP Rule with port number 123 for NTP (inbound only) and 161 for SNMP (inbound only)
  • Custom TCP Rule with port number 10042 for secure management and connectivity between DNS/DHCP Servers and Address Manager
  • Custom TCP and UDP Rule with port number 53 for DNS
Note: For more information on using network security groups to filter traffic on Azure Virtual Networks, refer to
Note: For more information about BlueCat appliance service ports, refer to Network requirements in the Address Manager Administration Guide.

To define network security group settings for your BlueCat Azure virtual appliance:

  1. Log in to the global Azure or Azure Government Portal.
  2. Click Virtual Machines in the left-nav.
  3. From the list of virtual machines, click the name of the virtual machine you wish to configure with a network security group.
  4. Under Settings, click Networking.
  5. Click one of the interfaces of your BlueCat Azure Virtual Appliance, for example azure-bdds-nic-eth0. The Network Interface page opens.
  6. Under Settings, click Network Security group.
  7. Click Edit then choose a network security group or select None.
  8. Click Save.
    Note: OPTIONAL: You can also configure a network security group on subnets. This will propagate the network security group settings to all interfaces on that subnet.

Repeat this task for additional interfaces.