Azure Virtual Network Manager’s security admin rule configuration feature is now generally available (GA) in 30 regions. Please refer to the Azure Virtual Network Manager security admin rule documentation for the up-to-date list of those GA regions.
This feature lets you enforce security policies for your virtual networks (VNets) at scale across subscriptions and regions globally. These rules will be evaluated before network security groups (NSGs), ensuring standardized security enforcement. They help prevent potential misconfigurations and oversights, making sure that critical services run without interruption and that network owners adhere to company policies.
Security admin rules allow users to manage security efficiently, reducing operational complexities. They also offer a default setting to avoid errors or oversights in setting up NSGs. As such, users can simplify and enhance their network security for their growing network environments.
To learn more about security admin rules and their use cases, please see the public documentations on security admin rule concepts. The traffic that is allowed or denied by security admin rules can be monitored by using VNet flow logs. See the VNet flow logs documentation for more information.
Learn more about Azure Virtual Network Manager.