![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 89%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED4%3C/text%3E%3C/svg%3E)
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
574 questions
Hi,
I don't remember ever seeing the default rules not be gray. I just checked one of my NSGs that doesn't have any custom rules, and the default rules are grayed out, indicating they are read-only.
To answer your question, the default rules are still active, regardless of what color they appear in the portal. They are processed same as your custom rules--rules are processed in priority order so those with higher priority (lower number) will potentially override those with lower priority (higher number).
Excerpts from article linked below:
...Rules are processed in priority order, with lower numbers processed before higher numbers, because lower numbers have higher priority. Once traffic matches a rule, processing stops. As a result, any rules that exist with lower priorities (higher numbers) that have the same attributes as rules with higher priorities aren't processed. Azure default security rules are given the highest number with the lowest priority to ensure that custom rules are always processed first.
You can't remove the default rules, but you can override them by creating rules with higher priorities.
Network security groups
https://learn.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview
Please click Accept Answer and upvote if the above was helpful. If something is unclear please add a comment.
Thanks.
-TP