Why use Security Groups?
Security Groups give you full control of your instances' network traffic. With special rules – composed of traffic directions, protocols and ports – you can regulate the inbound and outbound traffic regarding your ports.
Control with inbound rules which ports of your instance should be open and accessible from the internet. Outbound rules on the other hand allow you to specify certain ports and protocols that should be able to reach the internet from your instance (for most use cases it is generally recommended to allow all outbound traffic).
By default, all instances use the standard Security Group set up by Genesis Cloud. With this setting it is possible to ping (ICMP) your instance and reach it via SHH (TCP on port 22), as well as via HTTP and HTTPS (TCP on port 80 or on port 443). Furthermore, the standard Security Group allows traffic on all ports and protocols to the internet. It is not possible to modify this standard Security Group. If you want to change the characteristics of your firewall, remove the standard Security group and set up your own here.
Changing your security groups doesn’t have an impact on the internal communication between all your instances run on Genesis Cloud: we allow all internal network traffic between your instances on all ports and protocols. If you want to restrict also your internal traffic with Security Groups, reach out to
How to create a new Security Group?
First of all navigate to the Security Groups tab (Compute Service > Network > Security Groups) and click “Create New Security Group” on the bottom right. Name your new Security Group and add a description to help you remember the purpose of adding this feature.
If you click “Add Rule” in the inbound or outbound section, you can add a new traffic rule for the chosen section. Select the type from the dropdown menu and fill in the port section (if available).
Important: Don’t forget to click on the checkmark on the right side in order to set this rule.
After you have specified all rules for the Security Group click "Create Security Group" to create a new Security Group.
Here is an overview of inbound and outbound rules:
|"ICMP"||ping your instance||no port specification possible|
|"SSH"||SSH traffic||set by default to “TCP port 22”|
Specify the ports:
Specify the ports:
How can I add or remove instances from my Security Group?
To add or remove an instance from or to a Security Group select the affected Security Group first in your overview (Network > Security Group > click on Security Group name).
- Adding an instance to a Security Group:
Choose an instance you want to add from the dropdown menu on the right side. Then click on “Add Instance”.
|Please note: |
Above the dropdown menu you can see all instances that are already using the selected Security Group.
- Removing an instance from a Security Group:
To remove any instance from a Security Group use the remove icon behind in the detailed Security Group view.