A network security group (NSG) contains a list of Access Control List (ACL) rules that allow or deny network traffic to your VMs in a virtual network. NSGs can be associated with either subnets or individual VMs within that subnet. When an NSG is associated with a subnet, the ACL rules apply to all the VMs in that subnet. In addition, traffic to an individual VM can be restricted further by associating a NSG directly to that VM. Make sure the NSGs do not block outbound traffic to allow Internet access, ensuring all Azure public endpoints are accessible by default.
If you deploy Teradata Database products separately, you must create a NSG. If you deploy a Teradata ecosystem or deploy a Teradata Database using a solution template, a NSG is automatically created for you with a naming convention of vp-nsg for Viewpoint, sm-nsg for Server Management, and so on. If you deploy Teradata Database products using a solution template, assign private IPs within the same VNet or VNet peering.
You can open a port to a VM by creating a network filter on a subnet or VM NIC. You can then place these filters, which control both inbound and outbound traffic, on an NSG attached to the resource that receives the traffic.