Configuring network security group settings - BlueCat Integrity - 9.5.0

BlueCat Azure Virtual Appliances

Add rules to allow specific traffic to reach your instance as needed. BlueCat recommends the following minimum set of firewall rules for BlueCat Azure Virtual Appliances:
BlueCat Address Manager for Azure:
  • HTTP port 80
  • HTTPS port 443
  • SSH port 22
  • Custom UDP Rule with port number 10045 for notifications

BlueCat DNS for Azure:
  • SSH port 22
  • Custom UDP Rule with port number 123 for NTP (inbound only) and 161 for SNMP (inbound only)
  • Custom TCP Rule with port number 10042 for secure management and connectivity between DNS/DHCP Servers and Address Manager
  • Custom TCP and UDP Rule with port number 53 for DNS
Note: For more information on using network security groups to filter traffic on Azure Virtual Networks, refer to https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg.
Note: For more information about BlueCat appliance service ports, refer to Network requirements in the Address Manager Administration Guide.

To define network security group settings for your BlueCat Azure virtual appliance:

  1. Log in to the global Azure or Azure Government Portal.
  2. Click Virtual Machines in the left navigation pane.
  3. From the list of virtual machines, click the name of the virtual machine you wish to configure with a network security group.
  4. Under Settings, click Networking.
  5. Click one of the interfaces of your BlueCat Azure Virtual Appliance, for example azure-bdds-nic-eth0. The Network Interface page opens.
  6. Under Settings, click Network security group.
  7. Click Edit, then choose a network security group or select None.
  8. Click Save.
    Note: OPTIONAL: You can also configure a network security group on subnets. This will propagate the network security group settings to all interfaces on that subnet.

Repeat this task for additional interfaces.
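
To check the network security group attached to an interface against the minimum rule set listed above, the following added example (not BlueCat or Microsoft code) audits an exported rule list. It assumes the rules are in the JSON shape printed by `az network nsg rule list -o json`; the sample rules, the role names and the choice of ports flagged when open to any source are constructed for illustration.

```python
import json

# Minimum inbound (protocol, port) pairs listed on this page, per appliance.
REQUIRED = {
    "address-manager": [("Tcp", 80), ("Tcp", 443), ("Tcp", 22), ("Udp", 10045)],
    "dns": [("Tcp", 22), ("Udp", 123), ("Udp", 161), ("Tcp", 10042),
            ("Tcp", 53), ("Udp", 53)],
}
ANY_SOURCE = {"*", "0.0.0.0/0", "Internet"}
ADMIN_PORTS = {22, 161, 10042}  # assumption: ports to flag when open to any source

# Constructed sample in the shape of `az network nsg rule list -o json` (assumed).
SAMPLE_DNS_NSG = json.loads("""[
 {"name":"ssh","priority":100,"direction":"Inbound","access":"Allow","protocol":"Tcp",
  "destinationPortRange":"22","sourceAddressPrefix":"*"},
 {"name":"dns","priority":110,"direction":"Inbound","access":"Allow","protocol":"*",
  "destinationPortRange":"53","sourceAddressPrefix":"*"},
 {"name":"mgmt","priority":120,"direction":"Inbound","access":"Allow","protocol":"Tcp",
  "destinationPortRange":"10042","sourceAddressPrefix":"10.0.1.4"},
 {"name":"no-snmp","priority":125,"direction":"Inbound","access":"Deny","protocol":"Udp",
  "destinationPortRange":"160-162","sourceAddressPrefix":"*"},
 {"name":"ntp-snmp","priority":130,"direction":"Inbound","access":"Allow","protocol":"Udp",
  "destinationPortRanges":["123","161"],"sourceAddressPrefix":"10.0.0.0/16"}
]""")

def _matches(rule, proto, port):
    """True if an inbound rule covers this protocol and destination port."""
    specs = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        specs.append(rule["destinationPortRange"])
    def covers(spec):
        low, _, high = spec.partition("-")
        return spec == "*" or int(low) <= port <= int(high or low)
    return (rule["direction"] == "Inbound"
            and rule["protocol"].lower() in ("*", proto.lower())
            and any(covers(s) for s in specs))

def audit(rules, role):
    """Return (missing, open_admin) for one appliance role's NSG rules."""
    ordered = sorted(rules, key=lambda r: r["priority"])  # lowest number is evaluated first
    missing, open_admin = [], []
    for proto, port in REQUIRED[role]:
        # Simplification: the first rule matching protocol and port decides, source ignored.
        hit = next((r for r in ordered if _matches(r, proto, port)), None)
        if hit is None or hit["access"] != "Allow":
            missing.append((proto, port))
        elif port in ADMIN_PORTS and hit.get("sourceAddressPrefix") in ANY_SOURCE:
            open_admin.append((hit["name"], port))
    return missing, open_admin
```

For the sample, `audit(SAMPLE_DNS_NSG, "dns")` reports SNMP as missing because the higher-priority deny rule shadows the later allow rule, and flags the SSH rule as open to any source.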