- changes occur immediately
- stateful
- everything that you allow
inwill also be allowedout - all out-bound traffic is allowed by default
- everything that you allow
- everything blocked by default (you can’t deny, only allow)
- associate multiple security groups
Difference between SGs and ACLs
- SGs are
stateful - ACLs are stateless
- important: can’t block IP address using SGs (must use ACLs instead)