Create a security group

· By default, a security group uses the whitelisting mechanism, which means it permits only traffic that matches its rules. You can configure rules for the group to permit specific traffic.

To change the bound security group of a cloud host, see "Edit security groups for a vNIC."

· To access a cloud host through SSH, you must configure security group rules for the inbound direction to permit traffic from the local PC to the cloud host. For more information about how to configure security group rules, see security groups in Network and Security.

On the top navigation bar, click Cloud Services.

From the left navigation pane, select Network & Security > Security Groups.

Click Create.

Configure the name and description of the security group to be created.

Click Create.

Click the name of the newly created security group.

Click Create Rule.

Configure security group rule parameters as needed.

Click OK.

Table-1 Configuring security group parameters

Parameter	Description
Protocol	Select a protocol to which the security group rule will apply.
Direction	Select a traffic direction. Inbound—Traffic sent from outside the security group to cloud hosts in the security group. Outbound—Traffic in the opposite direction.
Port	Enter a port number range. If you select a protocol that uses a fixed port, do not configure this parameter.
Peer Type	Select the type of the peer for the cloud host.
IP or Network Security Group	IP or Network	IPv4	Specify a permitted IPv4 address or network segment.
	IP or Network	IPv6	Specify a permitted IPv6 address or network segment.
	Security Group	IPv4	Select a security group. All IPv4 addresses in the security group are permitted.
	Security Group	IPv6	Select a security group. All IPv6 addresses in the security group are permitted.