This question comes up from time-to-time, so we decided to write this little how-to article.
Changing your SSH port number is not recommended anymore
Changing SSH to a port other than 22 is an old trick. There may have been a time when this trick was effective, but nowadays this mainly provides a *false sense of security*, management complexity, and won't increase your security. The port scanners used by hackers today will find the 'hidden' SSH port in no time. (try NMAP port scanner and see: http://nmap.org/)
SSH - The Dome9 Way
With Dome9, your SSH port is normally closed and only opened on-demand for authorized users, only for their IP address, and only for a limited time. During this process, SSH is not exposed to hackers and scanners - hence, is no need anymore to further hide it as it's cloaked already.
Still, here's how to define a non-standard SSH port with Dome9
Defining any custom service on Dome9 system is easy:
Login to your Dome9 Central portal and click the 'Policy Management" tab
Locate the relevant security group you wish to modify
Delete the old SSH rule (so it won't confuse you anymore)
Add new Service, name it SSH or SSH custom, select custom, TCP, and choose your port number
Click 'Save' and 'Done'. From now on your SSH will be protected by Dome9 and only enabled on demand for authorized users.