Page tree
Skip to end of metadata
Go to start of metadata

Network View


TDS Project Networks includes TDS Security Groups where user can modify Security Rules related to TDS Servers access.

There is one Security Group named "default" which includes a few default security rules.

For every TDS Server there is created a separate Security Group called "<server hostname>_default".

Security Group List

Security Group List view includes all Server Security Groups and Project Default Security Group.

A Security Group is created automatically when new server is created. There is no need to create security group by user. 

Default Security Group

Default Security Group is enabled by default to all project servers and includes a few Security Rules which enables access from Servers to external networks and opens ssh connection to Servers.

User can't create any new Security Rule in Default Security Group.

Server Security Group

Server Security Group includes Security Rules for a selected server.

Server name is included in Security Group called "<server hostname>_default".

When Server with optional Application is created, TDS Server Security Group is created automatically including all necessary Security Rules for installed Application.

There is a Project quota limit for Security Rules in public TDS - maximum number of Project Security Rules is the same as maximum number of Servers allowed in the Project


User can save changes Server Security Group using button SAVE.

User can cancel his actions in Security Server Group view pressing button Escape.

User can add a new Security Rule into Server Security Group using button ADD.

Add Security Rule

User can add a new Security Rule in that view or modify existing Security Rules.

Security Rule includes the following fields:

  • Direction
    • Egress direction means direction from TDS Server to other hosts or networks. By default egress is allowed to all networks and for all protocols and ports.
    • Ingress direction means direction from external hosts or servers to TDS Server. By default ingress is not allowed except to Application protocols and ports installed by TDS.
  • Protocol
    • Possible values:
      • Any
      • TCP
      • UDP
      • ICMP
  • Remote IP
    • Source of the traffic to be allowed via this rule. Expected values should be entered in the form of an IP address block. For all IPs 0.0.0.0/0 can be used.
  • Port from
    • The field means a single port or beginning of the range of ports which will be used for the rule
    • Valid only for TCP and UDP protocols
    • Integer value between 1 and 65535 can be used only
  • Port to
    • The field means a single port or end of the range of ports which will be used for the rule
    • Valid only for TCP and UDP protocols
    • Integer value between 1 and 65535 can be used only
  • Action
    • Action which will be performed for the rule
    • The only action which can be used for the rule is REMOVE.
    • After removing of the rule from the view, it's necessary to press SAVE to write REMOVE action to Server Security Group.

User can modify existing Security Rules and save all changes pressing SAVE to write REMOVE action to Server Security Group.

  • No labels