Top FAQs for Network Security Groups

The top FAQs when configuring network security groups (NSGs) for Oracle Analytics Cloud are identified in this topic.

What is a network security group or NSG?

Network security groups act as a virtual firewall for Oracle Cloud Infrastructure resources such as Oracle Analytics Cloud. An NSG consists of a set of ingress and egress security rules that apply only to a set of VNICs of your choice in a single VCN. To learn more about NSGs and how to manage ingress and egress security rules, see Network Security Groups.

Can I use NSGs in Oracle Analytics Cloud?

Yes.

Can I use NSG ingress rules to restrict access into my public Oracle Analytics Cloud instance?

No. To restrict incoming traffic (ingress) to your public Oracle Analytics Cloud instance, use access control rules. See Control Incoming Traffic for a Public Endpoint (Ingress).

I applied a NSG to my Oracle Analytics Cloud instance and now I need to update the rules. Can I update or add new rules to the NSG?

Yes. Oracle Analytics Cloud applies the latest NSG rules for access to and from Oracle Analytics Cloud.

I applied a NSG with both ingress and egress rules to my Oracle Analytics Cloud instance. What's the impact on access to and from Oracle Analytics Cloud?

  • Private Oracle Analytics Cloud instance: Ingress rules defined in the NSG control incoming traffic (ingress) to Oracle Analytics Cloud.
  • Private data sources: Egress rules defined in the NSG control outgoing traffic.

How many NSGs can I apply to my Oracle Analytics Cloud instance?

Five.

If I apply multiple NSGs to my Oracle Analytics Cloud instance, what happens?

The set of rules applied is the union of the rules from all the NSGs.

Can I use one set of NSGs to control access to my private Oracle Analytics Cloud instance and a different set of NSGs to control access to my private data sources?

No. You must apply a single set of NSGs. The ingress rules in these NSGs control the incoming traffic and the egress rules in the NSGs control access to the private data sources.