Creating a security group for traffic between protected hosts

This security group brings together rules for traffic allowed between protected hosts.

In this example, all protocols are allowed, because traffic between protected hosts can be filtered and thoroughly inspected on the SNS firewall.

Creating the security group

In the COCKPIT 3DS OUTSCALE console, under the Network/Security menu:

  1. Select Security groups.
  2. Click on Create.
  3. Name the security group (Documentation-Pass-All in the example).
  4. Add a description (Pass all in the example).
  5. Select the VPC (Documentation-VPC in the example).
  6. Click on Create.

Creating security rules corresponding to traffic between protected hosts

  1. Select the security group created earlier (Documentation-Pass-All in the example).
    The list of rules from the security group appears in the lower section of the configuration window.
  2. In the list of rules, click on Create rule.
  3. Select Inbound mode.
  4. Set Custom as the protocol.
  5. Select All as the port.
  6. Click on All IPs.
  7. Click on the + symbol.
  8. Confirm by clicking on Create.

IMPORTANT
A rule allowing outbound traffic will automatically be created.
This rule must not be deleted.
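
The following check is an added example, not part of the original procedure or of any Stormshield or OUTSCALE tooling: it audits an exported security group listing to confirm that the inbound pass-all rule exists and that the automatically created outbound rule is still present. The response field names (modelled on the OUTSCALE API ReadSecurityGroups call), the "-1" and 0.0.0.0/0 equivalents of the console choices, the VPC ID and the second group are assumptions or constructed values.

```python
# Constructed sample, shaped like an OUTSCALE API ReadSecurityGroups response.
# Field names are assumed from that API; IDs and the second group are made up.
SAMPLE = {"SecurityGroups": [
    {"SecurityGroupName": "Documentation-Pass-All", "NetId": "vpc-00000000",
     "InboundRules": [{"IpProtocol": "-1", "IpRanges": ["0.0.0.0/0"]}],
     "OutboundRules": [{"IpProtocol": "-1", "IpRanges": ["0.0.0.0/0"]}]},
    {"SecurityGroupName": "Broken-Pass-All", "NetId": "vpc-00000000",
     "InboundRules": [{"IpProtocol": "tcp", "FromPortRange": 22,
                       "ToPortRange": 22, "IpRanges": ["0.0.0.0/0"]}],
     "OutboundRules": []},
]}

ALL_IPS = "0.0.0.0/0"   # assumed API equivalent of the console's "All IPs"
ALL_PROTOCOLS = "-1"    # assumed API equivalent of Custom protocol / All ports


def is_pass_all(rule):
    """True when the rule allows every protocol and port from all IPs."""
    return (rule.get("IpProtocol") == ALL_PROTOCOLS
            and ALL_IPS in rule.get("IpRanges", []))


def audit_group(response, name, net_id):
    """Return a list of findings for the security group called `name`."""
    groups = [g for g in response.get("SecurityGroups", [])
              if g.get("SecurityGroupName") == name]
    if not groups:
        return [f"{name}: security group not found"]
    findings = []
    for group in groups:
        if group.get("NetId") != net_id:
            findings.append(f"{name}: attached to {group.get('NetId')}, expected {net_id}")
        if not any(is_pass_all(r) for r in group.get("InboundRules", [])):
            findings.append(f"{name}: inbound pass-all rule is missing")
        # The page warns that the automatically created outbound rule must stay.
        if not group.get("OutboundRules"):
            findings.append(f"{name}: no outbound rule (automatic rule deleted?)")
    return findings


if __name__ == "__main__":
    for group_name in ("Documentation-Pass-All", "Broken-Pass-All"):
        print(group_name, audit_group(SAMPLE, group_name, "vpc-00000000") or "OK")
```
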

The list of rules regarding traffic allowed for the security group assigned to protected hosts will then look like this: