# Create Default or Custom Network Security Groups
Configuring Network Security Groups (NSGs) in your Virtual Data Center (VDC) empowers you to effectively manage and filter the network traffic penetrating towards or exiting the VDC, all tailored to your specific security rules and requirements.
NSGs are of two types: **Default** and **Custom**. You can choose between a Default or a Custom NSG and customize them according to your needs. For more information, see [What are the differences between default and custom NSG?](https://docs.ionos.com/sections-test/guides/security/nsg-faqs#what-are-the-differences-between-default-and-custom-nsg).
NSGs provide a level of granular customization that guarantees a secure environment while allowing the necessary connectivity. They protect your virtual networks from unauthorized access, malicious activity, and other security threats.
{% hint style="info" %}
**Prerequisites:** Ensure that you have appropriate permissions to the data centers and to create NSGs. For more information, see [Set User Privileges for Network Security Groups](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/set-user-privileges).
{% endhint %}
{% hint style="info" %}
**Note:** User-created Virtual Machines (VMs) can be Default or Custom NSG members, but you cannot add nodes from the Managed Kubernetes node pools or suspended Cubes.
{% endhint %}
To create an NSG, select one of these methods:
{% tabs %}
{% tab title="Default NSG" %}
1\. In the **DCD**, go to **Virtual Data Centers** > **Create new**.
2\. Select the **Create default network security group** checkbox.
{% hint style="success" %}
**Result:** The default group is created with four default rules. For more information, see [What predefined rules does a default Network Security Group contain?](https://docs.ionos.com/sections-test/guides/security/nsg-faqs#what-predefined-rules-does-a-default-network-security-group-contain). All servers and NICs associated with the respective data center inherit default rules. If you add new VMs to the data center, all of its NICs inherit the rules from the default NSG.
{% endhint %}
{% hint style="info" %}
**Note:** User-created Virtual Machines (VMs) can be Default or Custom NSG members, but you cannot add nodes from the Managed Kubernetes node pools or suspended Cubes.
{% endhint %}
3\. Optionally, you can add custom rules to the default group or create new custom groups for customized rules. For more information, see [Create Rules](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/create-rules). Remember to [associate custom groups to the servers or NICs](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/attach-nsgs), whichever is applicable.
{% endtab %}
{% tab title="Custom NSG" %}
1\. In the **DCD**, go to **Menu** > **Security** > **Network Security Groups**.
2\. Select **Create security group** in the **Network Security Groups** window.
3\. Enter the following details:
* **Datacenter:** Select a data center from the drop-down list for which you want to configure a security group.
* **Name:** Enter a name for your security group.
* **Description:** Enter additional information about the security group.
4\. Click **Create** to save the details.
{% hint style="success" %}
**Result:** The desired NSG is created and set to an **Available** state.
{% endhint %}
{% endtab %}
{% endtabs %}
## Next steps:
* [Update the respective Network Security Group](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/update-nsg)
* [Create Rules](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/create-rules)
* [Convert Custom Network Security Group to Default](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/convert-custom-nsg)
* [Attach a Server or NIC to a NSG](https://docs.ionos.com/sections-test/guides/security/network-security-groups/how-tos/attach-nsgs)