Why use Security Groups ?

  • Security Groups give you full control of your instance's network traffic. With special rules – composed of traffic directions, protocols and ports – you can regulate the inbound and outbound traffic regarding your ports.
  • Control with inbound rules which ports of your instance should be open and accessible from the internet. Outbound rules on the other hand allow you to specify certain ports and protocols that should be able to reach the internet from your instance (for most use cases it is generally recommended to allow all outbound traffic).  
  • By default, all instances use the standard Security Group set up by Genesis Cloud. With this setting it is possible to ping (ICMP) your instance and reach it via SSH (TCP on port 22), as well as via HTTP and HTTPS (TCP on port 80 or on port 443). 
  • Furthermore, the standard Security Group allows traffic on all ports and protocols to the internet. It is not possible to modify this standard Security Group. If you want to change the characteristics of your firewall, remove the standard Security group and set up your own here.


Important: Changing your security groups doesn’t have an impact on the internal communication between all your instances run on Genesis Cloud: we allow all internal network traffic between your instances on all ports and protocols. If you want to restrict also your internal traffic with Security Groups, reach out to support@genesiscloud.com

How to create a new Security Group ?

  1. First of all navigate to the 'Network' tab from left-hand side menu and click 'Create New Security Group' on the bottom right corner. Name your new Security Group and add a description to help you remember the purpose of adding this feature.

  2. If you click 'Add Rule' in the inbound or outbound section, you can add a new traffic rule for the chosen section. Select the type from the dropdown menu and fill in the port section (if available).

    Important: Don’t forget to click on the checkmark on the right side in order to set this rule.

  3. After you have specified all rules for the Security Group click 'Create Security Group' to create a new Security Group.

Click on "Create Security Groups" to create new groups

Click on "Create Security Groups" to create new groups 

Overview of Inbound and Outbound Rules:


TypeFunction Ports
ICMPping your instanceno port specification possible
SSHSSH trafficset by default to “TCP port 22” 
TCPTCP protocol

Specify the ports: 

  • a single port, e.g. "8888"

  • multiple ports via comma sperated entries, e.g. "8888, 8898"

  • a range of ports using a dash, e.g. "8888-8898"

  • ALL ports for this protocol, leaving the ports field blank

UDP"UDP protocol 

Specify the ports: 

  • a single port, e.g. "8888"

  • multiple ports via comma sperated entries, e.g. "8888, 8898"

  • a range of ports using a dash, e.g. "8888-8898"

  • ALL ports for this protocol, leaving the ports field blank

How can I add or remove instances from my Security Group? 

To add or remove an instance to or from a Security Group, first select the affected 'Security Group' in your list of 'Security Groups' (Network > click on Security Group name). 

Select the security group to add or remove an instance of your choice

Select the security group to add or remove an instance of your choice

  • Adding an instance to a Security Group: 

Choose an instance you want to add from the dropdown menu on the right side. Then click on 'Add Instance'. 


Note: Above the dropdown menu you can see all instances that are already using the selected Security Groups. 

Add an instance of your choice to the security groups

Add an instance of your choice to the security groups

  • Removing an instance from a Security Group: 

To remove any instance from a Security Group use the 'Remove Instance' button next to that particular Instance from the list of all instances in that Security Group.


Remove an instance of your choice from the security groups

Remove an instance of your choice from the security groups