A concept central to the use of Dome9 is that of a security group. A Dome9 security group is a collection of managed machines defined by a common policy. Security group benefits include:
- The ability to apply a single policy to similar server types (e.g., SSH On-demand for all SQL Servers);
- Configuration of user access to servers on a group rather than individual basis (e.g., Database Administrators can access all servers via MySQL in the SQL Servers Group).
Security group management includes these functional configuration categories:
- Inbound Policy
- Outbound Policy
- Firewall Logging Policy
- File Integrity Monitoring Policy
Three different kinds of security groups exist in Dome9: a Dome9 agent-based security group, and two flavors of AWS security groups – AWS EC2-VPC and AWS EC2-Classic.