Google Cloud Platform (GCP) firewall rules let you allow or deny traffic to and from your virtual machine (VM) instances based on a configuration you specify. GCP firewall rules are applied at the virtual networking level, so they provide effective protection and traffic control regardless of the operating system your instances use.
The concept of security group is created in Dome9 compliance engine as a more flexible firewall grouping mechanism. Firewall rules can be assigned in one of the following modes: all instances in the network; instances by target tags; instances by target service account. In the compliance engine we grouped these rules by tags.
Updated over 1 year ago