Creating network security groups
Create two network security groups:
- The first security group must have inbound rules allowing for HTTPS, SSH traffic, and OFTP.
- The second security group must have inbound rules allowing for FTP and RDP.
To create network security groups in Azure:
- In the Azure portal, click Network security groups in the left pane.
- Click Add to create a new network security group for the management port subnet.
- Enter the following information:
Subscription
Select a subscription type.
Resource group
Select the resource group you created in the Creating a resource group step.
Name
Name of the network security group.
Region
Select the location you used when you set up the resource group.
- Repeat these steps to create a second network security group for the FortiSandbox port2 subnet.
- Go to the security groups and configure the inbound rules:
- Network security group one: HTTPS (TCP 443), SSH traffic (TCP 22), OFTP traffic (TCP 514).
Optional: ICAP traffic (TCP 1344), ICAP over SSL (TCP 11344), RDP to VM interaction (FortiSandbox reserved 9833).
- Network security group two: FTP (TCP 21).
- Network security group one: HTTPS (TCP 443), SSH traffic (TCP 22), OFTP traffic (TCP 514).
Alternatively, you can create only one network security group with the inbound rules allowing for HTTPS, SSH traffic, OFTP, FTP, and RDP. |