Security groups are required for versions 1.2.1 and earlier, but are OPTIONAL for version 1.3.0 and later for ALL blueprint solutions.
To set up security groups, consider the following:
SNMP security group (snmp_sg) – Allow UDP ports 161/162.
Control security group (control_sg) – Configure as needed for your environment.
Management security group (mgmt_sg) – Allow TCP port 443, and add an Ingress rule for ALL ICMP.
Provider data network security group (pdn_sg) – Configure as needed for your environment.
Provider gateway security group (pgw_sg) – Configure as needed for your environment.
Default behavior for OpenStack is to create a default security group for every instance. If you are not using security groups, then in VNFM version 1.3.0 and later
inputs files, set the security_groups input to disable, and for VNFM version 1.4.0 and later set the VNF-BIG-IQ solution blueprint,
security_groups input to 0 (disable).