Updated on 2024-03-08 GMT+08:00

Adding a Custom Service Group

A service group is a collection of services (protocols, source ports, and destination ports). A service group frees you from repeatedly modifying access rules and simplifies security group rule management.

Constraints

  • A service group can have up to 64 services.
  • A firewall instance can have up to 512 service groups.
  • A firewall instance can have up to 900 services.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
  4. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click View in the Operation column to go to the details page.
  5. In the navigation pane, choose Access Control > Service Groups.
  6. Click Add Service Group. On the displayed Basic Information page, enter the service group name and description.

    Figure 1 Basic information
    Table 1 Service group parameters

    Parameter

    Description

    Service Group Name

    Name of a service group

    Description

    Usage and application scenario

    Services

    • Protocol: Select a protocol. Supported protocols include TCP, UDP, and ICMP.
    • Source Port: Set the source port to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
    • Destination Port: Set the destination port to be allowed or blocked. You can configure a single port or consecutive port groups (example: 80-443).
    • Description: Usage and application scenario of the service group

  7. Confirm the information and click OK.

Follow-up Operations

  • If you need to add protocols or ports after adding a service group, see Adding a Service.
  • A service group takes effect only after it is set in a protection rule. For more information, see Adding a Protection Rule.