Azure Virtual Network subnets should be associated with Network Security Groups. NSG provides the controls to facilitate a formal process for approving and testing all network connections and changes to the firewall and router configurations. NSG enables better control over network traffic to all resources within a subnet. As a best practice it is recommended to associate an NSG with a subnet to protect your VMs on a subnet-level.
Login to Azure Console:1. Navigate to the ‘Virtual Networks’ 2. For Each virtual network 3. Select ‘Subnets’ from menu and select the subnet you need to modify 4. Select the Network security group (NSG) you want to associate with the subnet and ‘Save’ your changes