General availability: Application security groups in all Azure regions
Updated: March 30, 2018
Application security groups (ASGs) are now generally available in all Azure regions, including national clouds. This feature enables micro-segmentation within the virtual network.
ASGs enable you to define fine-grained network security policies based on workloads, applications, or environments instead of explicit IP addresses. You can group VMs with named monikers and secure applications by filtering traffic from trusted segments of your network.
Application security groups, along with the latest improvements in network security groups (NSGs), bring the following benefits:
- A unified management experience
- Increased limits on multiple dimensions
- A great level of simplification
- A natural expression of security policies