Why use Security Groups ?
- Security Groups give you full control over your instance's network traffic. Using specialized rules — consisting of traffic directions, protocols, and ports — you can regulate both inbound and outbound traffic.
- Inbound rules allow you to control which ports of your instance should be open and accessible from the internet.
- Outbound rules, on the other hand, let you specify which ports and protocols can reach the internet from your instance. (For most use cases, it is generally recommended to allow all outbound traffic.)
- By default, all instances use the standard Security Group set by Genesis Cloud. This setup allows your instance to be pinged (ICMP) and accessed via SSH (TCP on port 22), as well as HTTP and HTTPS (TCP on ports 80 and 443).
- Additionally, the standard Security Group permits traffic on all ports and protocols to the internet. However, it cannot be modified. If you want to adjust your firewall's settings, remove the standard Security Group and configure your own here.
Important: Changing your security groups does not have an impact on the internal communication between all your instances run on Genesis Cloud. We allow all internal network traffic between your instances on all ports and protocols. If you want to restrict also your internal traffic with Security Groups, please create a support ticket here: https://support.genesiscloud.com/
How to create a new Security Group ?
Navigate to the Compute > Network tab from the left-hand menu.
Click the "Create New Security Group" button.
Select a location — ensure that the security group is in the same location as your instance.
Enter a name for your new Security Group and add a description to help you remember its purpose.
Click "New Rule" under either the Inbound Rules or Outbound Rules section.
Choose the type of rule from the dropdown.
Select the protocol and fill in the port (if applicable).
Once all desired rules are defined, click "Create Security Group" to finalize and create the group.
Overview of Inbound and Outbound Rules:
Type | Function | Ports |
ICMP | Ping your instance | No port specification possible |
SSH | SSH traffic | Set by default to “TCP port 22” |
TCP | TCP protocol | Specify the ports:
|
UDP | UDP protocol | Specify the ports:
|
How can I add/remove instances to/from the Security Group?
To add or remove an instance to or from a Security Group, first select the affected 'Security Group' in your list of 'Security Groups' (Compute > Network > click on Security Group name).
Adding an instance to a Security Group
- In that security group, under the 'Instances' section, click on 'Assign to Instances' button.
- A pop-up window will open, click on drop down menu to see the list of instances.
- Choose an instance you want to add and click on 'Assign to Instances'.
Removing an instance from a Security Group
- To remove any instance from a Security Group use the 'X' button on the right side of that particular Instance from the list of all instances in that Security Group.