You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Network View


TDS Project Networks includes TDS Security Groups where user can create/delete/modify Security Rules related to TDS Servers access.

There is one Security Group named "default" which includes a few default security rules.

For every TDS Server there is created a separate Security Group called "<server hostname>_default".

User can maintain server's access using that sever Server Security Group.

Security Group List

Security Group List view includes all Server Security Groups and Project Default Security Group.

Project Admin can add another Security Group using  button.

Default Security Group

Default Security Group is enabled by default to all project servers and includes a few Security Rules which enables access from Servers to external networks and opens ssh connection to Servers.

User can disable Default Security Group to any project server changing Server switch button to off state.

User can't create any new Security Rule in Default Security Group.

Server Security Group

Server Security Group includes Security Rules for a selected server.

Server name is included in Security Group called "<server hostname>_default".

When Server with optional Application is created, TDS Server Security Group is created including all necessary Security Rules for installed Application.

User can enable Server Security Group for another Server - not recommended.

There is a Project quota limit for Security Rules in public TDS - maximum number of Project Security Rules is the same as maximum number of Servers allowed in the Project.

User can save changes or delete Server Security Group using button SAVE respective DELETE.

User can cancel his actions in Security Server Group view pressing button Escape.

User can add a new Security Rule into Server Security Group using button ADD.

Add Security Rule

User can add a new Security Rule in that view or modify existing Security Rules.

Security Rule includes the following fields:

  • Direction
    • Egress direction means direction from TDS Server to other hosts or networks. By default egress is allowed to all networks and for all protocols and ports.
    • Ingress direction means direction from external hosts or servers to TDS Server. By default ingress is not allowed except to Application protocols and ports installed by TDS.
  • Protocol
    • Possible values:
      • Any
      • TCP
      • UDP
      • ICMP
  • Remote IP
    • Source of the traffic to be allowed via this rule. Expected values should be entered in the form of an IP address block. For all IPs 0.0.0.0/0 can be used.
  • Port from
    • The field means a single port or beginning of the range of ports which will be used for the rule
    • Valid only for TCP and UDP protocols
    • Integer value between 1 and 65535 can be used only
  • Port to
    • The field means a single port or end of the range of ports which will be used for the rule
    • Valid only for TCP and UDP protocols
    • Integer value between 1 and 65535 can be used only
  • Action
    • Action which will be performed for the rule
    • The only action which can be used for the rule is REMOVE
    • After removing of the rule from the view, it's ncessary to press SAVE to write REMOVE action to Server Security Group.

User can modify existing Security Rules and save all changes pressing SAVE to write REMOVE action to Server Security Group.

  • No labels