At Jelastic PaaS, all accounts are isolated from each other by default, which explicitly prohibits any unallowed internal connections between environments on different user accounts. With the Network Isolation feature, you can additionally isolate particular environment groups from the rest of environments even in confines of a single account - just turn on the Network Isolation switcher within the Add/Edit Group frame.
For each isolated group, the Platform automatically unites the containers' internal addresses in to a dedicated IP set. This allows to control access between nodes (i.e. if IPs are within the same set - interconnection is allowed, if not - denied). Also, the Platform detects all the related changes under your account (e.g. environment removal, nodes scaling, etc) to automatically keep IP sets up-to-date. While managing Network Isolation, the following peculiarities should be considered:
- the feature can be enabled for the top-level group only (i.e. not for subgroups)
- environment groups with enabled isolation are provided with a custom icon () for better recognition
- shared environments can not be included into isolated groups by collaborators
- this feature is not suitable to limit the access to your containers from outside of the Platform (e.g. via Public IP)