CloudGuard Dome9 User Guide

Security Groups

The Security Group section shows the security groups for all of your Dome9 managed cloud accounts. If your accounts are fully managed by Dome9, you can so actively manage your security groups from here, defining new security groups, or modifying them, and then applying them to your accounts.

Value to customers

In the Security Group section, you can review your security groups for all your cloud accounts, on all platforms, in a single place. For managed accounts, you can also apply changes centrally to all these accounts. By defining and applying changes in one place, you ensure that your security groups are consistent and comprehensive across your entire cloud presence.

By making changes through the Dome9 console, you reduce the chance of accidental or unauthorized changes to your security groups. In addition, if unwanted changes are inadvertently made through the cloud account, Dome9 will automatically roll them back to the previous authorized settings (made on Dome9), and notify you of the fact (the security group must be fully managed by Dome9 to do this).


Here are some typical use-cases to illustrate how controlling your Security Groups from one central location can help you.

  • search for Security Groups - you can quickly search for specific security policies across your entire cloud presence

  • review security posture - you can assess your security position effectively by reviewing all your policies in one view

  • apply uniform changes - if you expand or modify your cloud presence, for instance by adding additional services, or additional regions, you can modify the security policies consistently for all regions from one console

  • respond to anomalous behavior - if changes are made to one of your cloud accounts, inadvertently or maliciously, you will be notified immediately, and be able to take corrective action.

Actions from here

View your Security Groups

The main page shows a list of all your managed security groups, in all your Dome9 managed accounts, on all cloud providers.

Filter the list using the search box or filter options on the left. You can filter by account, VPC, cloud region, protection method (full, read-only), and the number of instances or alerts.

To open the main Security Group page, select from the Network Security menu.

Filter the view

Filter by Account, Region, VPC, Tags, number of instances, number of alerts or protection mode.

See also 

AWS Security Groups

Azure Network Security Groups

Filtering Views