Create a security group

By default, a created security group denies all inbound traffic and permits all outbound traffic. You can configure rules for the group to permit specific traffic.

To change the bound security group of a cloud host's NIC, see "Edit security groups for a vNIC."

To access a cloud host through SSH, you must configure security group rules for the inbound direction to permit traffic from the local PC to the cloud host. For more information, see "About security groups."

On the top navigation bar, click Cloud Services, and then select Security Groups from the Network menu.

Click Create.

Figure-1 Creating a security group

Specify the group name and description.

Click OK.

Click the name of the created security group.

Click Create on the Inbound Security Group Rules or Outbound Security Group Rules tab.

Figure-2 Creating an inbound security group rule

Configure rule parameters as needed and click OK to submit a rule configuration.

Table-1 Configuring a security group rule

Parameter	Description
Protocol Type	Specify the permitted protocol.
Direction	Displays the traffic direction. Inbound represents traffic sent to cloud hosts and outbound represents traffic sent from cloud hosts.
Port Range	Specify the range of permitted destination port numbers. This field is unavailable if the permitted protocol uses a fixed port.
Peer Address	Specify the IP permitted object type. Options include IP Address/Network Address and Security Groups.
IP Protocol Type	Specify the permitted IP protocol version. Options include IPv4 and IPv6.
Authorization Object	Specify the permitted IP address or network segment. This field is available only when the Peer Address field is IP Address/Network Address.
Security Groups	Specify the permitted security group. This field is available only when the Peer Address field is Security Groups.