This article discusses how to use security groups on the NSX Advanced Load Balancer to achieve additional flexibility and security in AWS cloud deployments.
By default, the NSX Advanced Load Balancer creates and manages a single security group (SG) for the SE. This SG manages the ingress/egress rules for the SE’s management and data plane traffic. In certain customer environments, it may be required to provide custom SGs to be associated with the SEs management and or data plane vNICs.
For more information on the recommended security groups for AWS deployment, see Recommended Security Group Rules for AWS Deployment.