Overview

Network Security Groups (NSGs) act as centralized firewall policy managers that allow you to filter and control network traffic to and from virtual network resources within a given Virtual Data Center (VDC).

NSGs are a fundamental element of network security that allows you to control inbound and outbound traffic of Network Interface Cards (NICs) or Virtual Machine (VM) instances. NSGs contain security rules that allow or deny traffic based on various criteria, such as source and destination IP addresses, ports, and protocols.

NSGs are of two types: Default and Custom. Every newly created VM in a VDC is automatically added to the "Default" NSG and comes with a set of pre-configured rules that allow basic infrastructure traffic for VMs and NICs in a VDC. You can customize both Default and Custom NSGs according to your needs.

Features and Benefits

The following are some key features and benefits of NSGs:

  • Centralized Policy Management: NSGs offered by IONOS act as a centralized policy manager where firewall policy templates can be defined for a given Virtual Data Center (VDC). This streamlines the management of firewall rules across multiple network interfaces and VM instances.

  • Flexibility with Default and Custom NSGs: NSGs are of two types: Default and Custom. You can customize both Default and Custom NSGs according to your needs.

  • Stateful Virtual Firewall: Each security group acts as a stateful virtual firewall, controlling both inbound and outbound traffic. This ensures that only authorized traffic, based on defined protocols and port numbers, is allowed to flow through.

  • Integration with NIC-based firewall rules: You can complement the NSG rules by configuring NIC-based firewall rules, providing additional flexibility and customization options.

  • Fine-Grained Access Control: NSGs enable fine-grained access control at the level of Virtual Machines (VMs) and network interfaces (NICs). This ensures that security policies can be applied based on different criteria to enhance security.

  • Enhanced Customer Experience: You can get a more intuitive way of handling firewall rules for a VDC. NSGs address the need by enhancing the overall customer experience on the IONOS Cloud platform.

Last updated