This article discusses how to use security groups on the NSX Advanced Load Balancer to achieve additional flexility and security in AWS clouds deployments.

By default, the NSX Advanced Load Balancer creates and manages a single security group (SG) for the SE. This SG manages the ingress/egress rules for the SE’s management- and data-plane traffic. In certain customer environments, it may be required to provide custom SGs to be also be associated with the SEs management- and/or data-plane vNICs.

For the recommended security groups for AWS deployment, see Recommended Security Group Rules for AWS Deployment.