Security groups in xneelo Cloud

Security groups control the inbound and outbound traffic to and from your cloud resources. They act as virtual firewalls for your instances and network ports, letting you manage access at a granular level.

Read on to learn about security groups in xneelo Cloud.

What are security groups

A security group is a set of allow rules that defines what network traffic is allowed to reach or leave your cloud resources.

  • Security groups can be applied to instances and network ports.

Each interface (vNIC) on an instance connects to a network port, and each port can have one or more security groups assigned.
This allows you to control traffic per interface or per network connection.

Using security groups

Security groups can be assigned when creating an instance and edited at any time.

In xneelo Cloud there is a default security group with commonly used rules that you can assign to your instances.

You can also create and manage security groups with your own custom rules.

You can assign multiple security groups to a single port or instance. The combined rules from all assigned security groups determine what traffic is allowed through that interface.

Security group rules

To send or receive traffic of a specific type, there must be an associated rule in a security group that allows that traffic.

Security groups contain only allow rules, not deny rules. There are 2 types of rules: ingress and egress.

  • Ingress rules control what incoming traffic is allowed to an instance. 
  • Egress rules control what outgoing traffic is allowed from an instance.

Each rule defines the traffic type, source and destination:

  • Direction: ingress (inbound) or egress (outbound).
  • Ether type: IPv4 or IPv6.
  • Protocol: TCP, UDP, ICMP, or any.
  • Port range: the ports to allow traffic on (for example, 22 for SSH, 80 for HTTP).
  • Remote source: the IP range or security group that traffic is allowed from.

When creating security group rules, you should apply the principle of least privilege. Only open the ports and protocols you need.

Security groups and Private Networking

Private Networking lets you design your own internal networks. 

Security groups work alongside other networking features to provide layered security and control network traffic.

With security groups you can:

  • Apply different security groups to each interface (port) on an instance.
  • Protect both public and private connections with different rules.
  • Use security groups to isolate internal services (for example, databases) from public internet access.

Example:

  • Allow inbound web traffic (HTTP/HTTPS) on an instance’s public interface.
  • Restrict database access to a private interface using a separate security group.

This setup allows you to separate public-facing traffic from internal communication, keeping sensitive systems secure.
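
The public/private split above can be checked with a small model of allow-only evaluation. This is an added illustration, not xneelo code or an xneelo API: the group names, CIDR ranges and the PostgreSQL port are constructed sample values, and only IP ranges (not remote security groups) are modelled as the remote.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    direction: str                      # "ingress" or "egress"
    ethertype: str                      # "IPv4" or "IPv6"
    protocol: str                       # "tcp", "udp", "icmp" or "any"
    ports: Optional[Tuple[int, int]]    # inclusive range; None means all ports
    remote: str                         # CIDR of the allowed peer

    def matches(self, direction, protocol, port, peer_ip):
        peer = ip_address(peer_ip)
        in_range = self.ports is None or (
            port is not None and self.ports[0] <= port <= self.ports[1])
        return (self.direction == direction
                and self.ethertype == f"IPv{peer.version}"
                and self.protocol in ("any", protocol)
                and in_range
                and peer in ip_network(self.remote))

def allowed(groups, direction, protocol, port, peer_ip):
    """Allow-only semantics: traffic passes if ANY rule in ANY group assigned
    to the port matches. There are no deny rules, so no match means dropped."""
    return any(rule.matches(direction, protocol, port, peer_ip)
               for group in groups for rule in group)

# Constructed sample groups (hypothetical names and address ranges).
WEB = [Rule("ingress", "IPv4", "tcp", (80, 80), "0.0.0.0/0"),
       Rule("ingress", "IPv4", "tcp", (443, 443), "0.0.0.0/0")]
SSH_ADMIN = [Rule("ingress", "IPv4", "tcp", (22, 22), "203.0.113.0/24")]
DB = [Rule("ingress", "IPv4", "tcp", (5432, 5432), "10.0.0.0/24")]

PUBLIC_PORT = [WEB, SSH_ADMIN]   # two groups on one port: their rules combine
PRIVATE_PORT = [DB]              # database reachable only from the private range

if __name__ == "__main__":
    checks = [("public", PUBLIC_PORT, 443, "198.51.100.7"),
              ("public", PUBLIC_PORT, 22, "198.51.100.7"),
              ("public", PUBLIC_PORT, 22, "203.0.113.10"),
              ("private", PRIVATE_PORT, 5432, "10.0.0.15"),
              ("private", PRIVATE_PORT, 5432, "198.51.100.7")]
    for name, groups, port, src in checks:
        verdict = "allow" if allowed(groups, "ingress", "tcp", port, src) else "drop"
        print(f"{name:7} tcp/{port:<5} from {src:15} -> {verdict}")
```

Running a proposed rule set through a check like this before applying it makes an over-broad rule, such as SSH open to 0.0.0.0/0, visible as an unexpected "allow".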

Assist Note

Now that you understand the key terms, you’re ready to start creating your own security groups and assigning them to your instances.
