What are the inbound and outbound rules of a cloud server security group?

A cloud server security group acts as a virtual firewall to control network traffic to and from the server. It consists of inbound and outbound rules that define which IP addresses, protocols, and ports are allowed to communicate with the server.

Inbound Rules

Inbound rules regulate traffic coming into the cloud server from external sources. You can specify:

  • Source IP range (e.g., allow only your office IP).
  • Protocol (TCP, UDP, ICMP, etc.).
  • Port range (e.g., allow HTTP on port 80 or SSH on port 22).

Example:
If you run a web server, you might create an inbound rule to allow TCP traffic on port 80 (HTTP) from 0.0.0.0/0 (all IPs) or restrict it to your company's IP range.

Outbound Rules

Outbound rules control traffic leaving the cloud server to external destinations. You can define:

  • Destination IP range (e.g., allow access to a specific database server).
  • Protocol (TCP, UDP, ICMP, etc.).
  • Port range (e.g., allow MySQL on port 3306).

Example:
If your server needs to send logs to an external monitoring service, you might create an outbound rule to allow TCP traffic on port 443 (HTTPS) to the monitoring service's IP.

For managing these rules efficiently, Tencent Cloud Security Group provides a user-friendly interface to configure inbound and outbound policies, ensuring secure network access for your cloud servers.
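The rule matching described above can be modeled in a few lines. This is an added example, not Tencent Cloud code or its API: the `Rule` type, the deny-when-nothing-matches default, the admin port list and all IP addresses (documentation ranges) are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    direction: str   # "inbound" or "outbound"
    protocol: str    # "tcp" or "udp" (ICMP has no ports and is left out of this model)
    ports: tuple     # (low, high), inclusive
    cidr: str        # source range for inbound, destination range for outbound

# Constructed sample group built from the examples in the text.
GROUP = [
    Rule("inbound", "tcp", (80, 80), "0.0.0.0/0"),            # HTTP from all IPs
    Rule("inbound", "tcp", (22, 22), "203.0.113.0/24"),       # SSH from the office range only
    Rule("outbound", "tcp", (443, 443), "198.51.100.10/32"),  # HTTPS to the monitoring service
    Rule("outbound", "tcp", (3306, 3306), "10.0.1.5/32"),     # MySQL to one database server
]

def is_allowed(group, direction, protocol, port, peer_ip):
    """Allow only if some rule matches; unmatched traffic is denied (assumed default)."""
    peer = ip_address(peer_ip)
    return any(
        r.direction == direction
        and r.protocol == protocol
        and r.ports[0] <= port <= r.ports[1]
        and peer in ip_network(r.cidr)
        for r in group
    )

def exposed_admin_ports(group, admin_ports=(22, 3306)):
    """Return inbound rules that open an administrative port to every IPv4 address."""
    return [
        r for r in group
        if r.direction == "inbound"
        and ip_network(r.cidr).prefixlen == 0
        and any(r.ports[0] <= p <= r.ports[1] for p in admin_ports)
    ]

if __name__ == "__main__":
    # SSH from an address outside the office range is rejected.
    print(is_allowed(GROUP, "inbound", "tcp", 22, "192.0.2.44"))
    # An "all ports from anywhere" rule is reported because it also exposes 22 and 3306.
    wide_open = Rule("inbound", "tcp", (0, 65535), "0.0.0.0/0")
    print(exposed_admin_ports(GROUP + [wide_open]))
```

Running `exposed_admin_ports` over an exported rule list is a quick review step: the public HTTP rule passes, while any rule that opens SSH or a database port to 0.0.0.0/0 is returned for follow-up.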