A security group controls and limits the network access to your VPC or resource. SSH (port 22) and RDP (port 3389) allow remote connection and control over a resource. Therefore, it is recommended not to allow access from the internet to these ports, and limit them using security groups. By default, AliCloud enables SSH access in order to let you connect to your resource. We have found that the security group {AliCloudEcsSecurityGroup} enables remote connection access through the internet.