Why use Security Groups ?
- Security Groups give you full control over your instance's network traffic. Using specialized rules — consisting of traffic directions, protocols, and ports — you can regulate both inbound and outbound traffic.
- Inbound rules allow you to control which ports of your instance should be open and accessible from the internet. Outbound rules, on the other hand, let you specify which ports and protocols can reach the internet from your instance. (For most use cases, it is generally recommended to allow all outbound traffic.)
- By default, all instances use the standard Security Group set by Genesis Cloud. This setup allows your instance to be pinged (ICMP) and accessed via SSH (TCP on port 22), as well as HTTP and HTTPS (TCP on ports 80 and 443).
- Additionally, the standard Security Group permits traffic on all ports and protocols to the internet. However, it cannot be modified. If you want to adjust your firewall's settings, remove the standard Security Group and configure your own here.
Important: Changing your security groups does not have an impact on the internal communication between all your instances run on Genesis Cloud. We allow all internal network traffic between your instances on all ports and protocols. If you want to restrict also your internal traffic with Security Groups, please create a support ticket here: https://support.genesiscloud.com/
How to create a new Security Group ?
- First of all navigate to the 'Network' tab from left-hand side menu and click 'Create New Security Group' on the bottom right corner. Name your new Security Group and add a description to help you remember the purpose of adding this feature.
- If you click 'New rule' in the inbound or outbound section, you can add a new traffic rule for the chosen section. Select the type from the dropdown menu and fill in the port section (if available).
- After you have specified all rules for the Security Group click 'Create Security Group' to create a new Security Group.
Click on "Create Security Groups" to create new groups
Overview of Inbound and Outbound Rules:
Type | Function | Ports |
ICMP | Ping your instance | No port specification possible |
SSH | SSH traffic | Set by default to “TCP port 22” |
TCP | TCP protocol | Specify the ports:
|
UDP | UDP protocol | Specify the ports:
|
How can I add/remove instances to/from the Security Group?
To add or remove an instance to or from a Security Group, first select the affected 'Security Group' in your list of 'Security Groups' (Network > click on Security Group name).
Select the security group to add or remove an instance of your choice
Adding an instance to a Security Group
- In that security group, under the 'Instances' section, click on 'Assign to Instances' button. A pop-up window will open, click on drop down menu to see the list of instances. Choose an instance you want to add and click on 'Assign'.
Note: Above the dropdown menu you can see all instances that are already using the selected Security Group.
Add an instance of your choice to the security groups
Removing an instance from a Security Group
- To remove any instance from a Security Group use the 'X' button on the right side of that particular Instance from the list of all instances in that Security Group.
Remove an instance of your choice from the security groups