Creating Security Group

A security group is a set of firewall rules that control the traffic for your VM instances. By default, Amazon places your VPC behind a basic firewall: when you create a VPC, a default security group protects the instances in it. It's recommended to create a custom security group, then add inbound rules so that traffic is allowed to flow on the specified ports.

To create a security group:

  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
  2. In the navigation pane, choose Security Groups.
  3. Choose Create Security Group.
  4. Enter a name for the security group (for example, FWB-Manager-group) and provide a description. Select the ID of your VPC from the VPC menu and choose Yes, Create.

To add inbound rules:

  1. Select the security group you have created.
  2. On the Inbound Rules tab, choose Edit. Click Add another rule. In the Type menu, choose Custom TCP Rule. Fill in the form, then click Save to save the rules.
    In order for FortiWeb Manager-VM to connect and run properly, it's recommended to add the following inbound rules.
    Set the Protocol and Port range as shown in the table; set the source as 0.0.0.0/0 or ::/0 to allow access to the specified ports from all IPv4 or IPv6 addresses.

    | Protocol | Port range | Purpose |
    |----------|------------|---------|
    | TCP | 80 | Allow inbound HTTP access to FortiWeb Manager GUI from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through GUI. You can set the port range according to your own needs. |
    | TCP | 443 | Allow inbound HTTPS access to FortiWeb Manager GUI from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through GUI. You can set the port range according to your own needs. |
    | TCP | 22 | Allow inbound SSH access from all IPv4 and IPv6 addresses. Add this rule if you want to access FortiWeb Manager-VM through CLI. You can set the port range according to your own needs. |
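
To check the result of the steps above, the following added example (not part of the Fortinet documentation) reads JSON in the shape printed by `aws ec2 describe-security-groups` and reports, for each port in the table, whether an inbound rule covers it and whether its source is open to all addresses or restricted. The group ID and the 203.0.113.0/24 source range in the sample are constructed for illustration.

```python
import json

# Ports from the inbound-rule table on this page.
REQUIRED_TCP_PORTS = {80: "HTTP GUI", 443: "HTTPS GUI", 22: "SSH CLI"}
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape printed by `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-0example", "GroupName": "FWB-Manager-group",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}
  ]}]}
""")

def covers(perm, port):
    """True if an inbound permission allows TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "all traffic" rules carry no port fields
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def sources(perm):
    """IPv4 and IPv6 CIDR sources of one permission (group references are ignored)."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return v4 + v6

def audit(group):
    """Map each required port to (status, sources): missing, restricted or open-to-all."""
    report = {}
    for port in REQUIRED_TCP_PORTS:
        srcs = sorted({s for p in group.get("IpPermissions", [])
                       if covers(p, port) for s in sources(p)})
        status = "missing" if not srcs else "open-to-all" if WORLD & set(srcs) else "restricted"
        report[port] = (status, srcs)
    return report

if __name__ == "__main__":
    for port, (status, srcs) in audit(SAMPLE["SecurityGroups"][0]).items():
        print(f"tcp/{port:<4} {REQUIRED_TCP_PORTS[port]:<10} {status:<12} {', '.join(srcs)}")
```

To run it against a real group, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups --group-names FWB-Manager-group`.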
