Articles on: Security & Access

Using Security Groups

Create Security Group

First, we have to create a security group that can later be applied to a cloud server instance



  1. From our Cloud Management Portal, select Networking -> Security Groups
  2. Click ' Create Security Group'
  3. Enter a Name for your security group (i.e. Allow Inbound SSH from Corporate Office), and an optional description
  4. Click into your security group, then select Add Rule
  5. From this screen, you may add a rule for the service you're looking to add.


By default, virtual machines are created with a default security group that does not permit any inbound access. This is by design to prevent any unauthorized access, and to enable our customers to have full control over their security policy. With that, new virtual machines created will not have any inbound connectivity from the Internet to receive pings, web requests, or to be managed via ssh.


An example for SSH, add rules as follows:


Field

Value

Rule

Custom Protocol

Description

Allow Inbound SSH

Direction

Ingress

Open Port

Port

Port

22

Protocol

TCP

Remote

CIDR

CIDR

0.0.0.0/0

Ether Type

IPv4


Note: We do not currently support IPv6


Apply Security Group

Next, we apply the security group we made to an instance for it to take effect


  1. From our Cloud Management Portal, select Server, then select the server you want to allow SSH for
  2. Click 'Security Groups', then ' Add Security Group'
  3. From the drop down list, select the ' Allow Inbound SSH from Corporate Office' security group, and choose Add Security Group.


Operations Strategy


Some folks choose to maintain 1 security group with all of their services and rules in it, while others elect to make discreet security groups to be applied concurrently, as we have demonstrated in this article. While there are operational drawbacks of using one security group for all services, in that its harder to audit in larger environments, there are no performance impacts to either approach.


Example Rules


Inbound PING


Field

Value

Rule

Custom Protocol

Description

Allow Inbound PING

Direction

Ingress

Open Port

All Ports

Protocol

ICMP

Remote

CIDR

CIDR

0.0.0.0/0

Ether Type

IPv4


Inbound HTTP and HTTPS


Field

Value

Rule

Custom Protocol

Description

Allow Inbound HTTP

Direction

Ingress

Open Port

Port

Port

80

Protocol

TCP

Remote

CIDR

CIDR

0.0.0.0/0

Ether Type

IPv4


Field

Value

Rule

Custom Protocol

Description

Allow Inbound HTTPS

Direction

Ingress

Open Port

Port

Port

443

Protocol

TCP

Remote

CIDR

CIDR

0.0.0.0/0

Ether Type

IPv4


Updated on: 12/03/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!