LBaaS Security Lists

You use VCN network security groups (NSGs) or security lists to control network access to load balancers. This method provides the Oracle Private Cloud Appliance with functionality similar to traditional LB firewalls. You configure the load balancer rules by configuring the NSGs or the subnet security lists for the LBs.

When you create a listener, you must also update the VCN’s security list to permit traffic to that LB listener.

Edit the ingress rule for the security list to permit the following:
  • Source CIDR: a block that covers the networks using the LB (can be 0.0.0.0/0)
  • Protocol: TCP
  • Destination port range: 80 (the listener port)

If you created other listeners, then you must add an ingress rule for each listener port to permit traffic to reach the listener. For example, if you created a listener on port 443, you must permit traffic for port 443.
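The following added example (not from the Oracle documentation) checks a security list's ingress rules against the listener ports and client networks of an LB, reporting listeners with no rule and rules open to 0.0.0.0/0. The rule field names assume the OCI-style ingress rule JSON (source, sourceType, protocol "6" for TCP, tcpOptions.destinationPortRange); the function names and sample data are constructed for illustration.

```python
import ipaddress

TCP = "6"  # IANA protocol number, a string in OCI-style rule JSON (assumed format)

def rule_covers_port(rule, port):
    """True if an ingress rule admits TCP traffic to the given destination port."""
    if rule.get("protocol") not in (TCP, "all"):
        return False
    rng = (rule.get("tcpOptions") or {}).get("destinationPortRange")
    if rng is None:  # no port range given: the rule applies to every port
        return True
    return rng["min"] <= port <= rng["max"]

def audit_listeners(listener_ports, ingress_rules, client_networks):
    """Report, per listener port, whether the security list lets clients reach it."""
    report = {}
    for port in listener_ports:
        # Only CIDR-sourced rules are compared; service-sourced rules are skipped.
        sources = [ipaddress.ip_network(r["source"]) for r in ingress_rules
                   if r.get("sourceType", "CIDR_BLOCK") == "CIDR_BLOCK"
                   and rule_covers_port(r, port)]
        missing = [c for c in client_networks
                   if not any(ipaddress.ip_network(c).subnet_of(s) for s in sources)]
        report[port] = {
            "permitted": bool(sources),          # at least one rule covers the port
            "missing_clients": missing,          # client networks no rule admits
            "open_to_any": any(s.prefixlen == 0 for s in sources),  # 0.0.0.0/0
        }
    return report

# Constructed sample data: listeners on 80 and 443, but a rule only for port 80.
SAMPLE_RULES = [
    {"source": "0.0.0.0/0", "protocol": "6", "isStateless": False,
     "tcpOptions": {"destinationPortRange": {"min": 80, "max": 80}}},
    {"source": "10.0.0.0/16", "protocol": "6", "isStateless": False,
     "tcpOptions": {"destinationPortRange": {"min": 22, "max": 22}}},
]
SAMPLE_LISTENERS = [80, 443]
SAMPLE_CLIENTS = ["10.0.0.0/16", "192.168.10.0/24"]

if __name__ == "__main__":
    result = audit_listeners(SAMPLE_LISTENERS, SAMPLE_RULES, SAMPLE_CLIENTS)
    for port, status in result.items():
        print(port, status)
```

In the sample, port 80 is reachable from any source, while the listener on port 443 has no ingress rule and would receive no traffic.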

For more information about NSGs and security lists, see "Controlling Traffic with Security Lists" and "Controlling Traffic with Network Security Groups" in the Networking chapter in the Oracle Private Cloud Appliance User Guide.