A security group is a virtual firewall with stateful packet filtering capabilities. It is used to set network access control for cloud server instances. You can control the inbound and outbound traffic of instances in a security group by configuring security group rules. It is an important means of network security isolation.
1. For good network performance, it is recommended that an instance be associated with a maximum of 5 security groups.
2. It is recommended that a security group be associated with no more than 2,000 instances; beyond that, the performance of the security group will be degraded.
3. A security group can have a maximum of 100 inbound or outbound access policies.
4. A cloud server can join multiple security groups, and a security group can be associated with multiple cloud servers at the same time.
Components
Security group rules include the following components:
Source: The IP address of the traffic source (for inbound rules) or of the traffic destination (for outbound rules).
Protocol type and protocol port: The protocol type, such as TCP or UDP, and the port that the rule applies to.
Policy: Allow.
Multiple security groups
An instance can be bound to one or more security groups. When an instance is bound to multiple security groups, the union of the rules in all of those security groups applies to the instance.
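
The union behaviour is worth auditing, because one permissive group widens the access of every instance bound to it. The following is an added example, not code from this page or from any cloud provider: a small Python model of the rule components above that reports which bound group allows a given packet. The group names, addresses and function names are constructed for illustration, and traffic matched by no rule is assumed to be denied, since Allow is the only policy listed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str  # "inbound" or "outbound"
    protocol: str   # "tcp" or "udp"
    ports: range    # ports the rule covers
    cidr: str       # source (inbound) or destination (outbound) network

    def matches(self, direction, protocol, port, ip):
        return (self.direction == direction
                and self.protocol == protocol
                and port in self.ports
                and ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr))

# Constructed sample groups; every rule's policy is Allow.
GROUPS = {
    "sg-web":    [Rule("inbound", "tcp", range(443, 444), "0.0.0.0/0")],
    "sg-admin":  [Rule("inbound", "tcp", range(22, 23), "203.0.113.0/24")],
    "sg-legacy": [Rule("inbound", "tcp", range(22, 23), "0.0.0.0/0")],
}

def allowing_groups(bound, direction, protocol, port, ip):
    """Names of the bound groups that contain a rule allowing this packet."""
    return [name for name in bound
            if any(r.matches(direction, protocol, port, ip)
                   for r in GROUPS[name])]

def is_allowed(bound, direction, protocol, port, ip):
    """Union semantics: a match in any one bound group is enough."""
    return bool(allowing_groups(bound, direction, protocol, port, ip))

def over_recommended(bound, limit=5):
    """True when an instance exceeds the recommended 5 security groups."""
    return len(bound) > limit

if __name__ == "__main__":
    bound = ["sg-web", "sg-admin", "sg-legacy"]
    # SSH from an address outside the admin network: which group opens it?
    print(allowing_groups(bound, "inbound", "tcp", 22, "198.51.100.7"))
```

With only `sg-web` and `sg-admin` bound, SSH is reachable from the admin network alone; adding `sg-legacy` opens it to any source even though the other two groups are unchanged.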