diff --git a/README.md b/README.md
index 8f124b60..6318fa44 100644
--- a/README.md
+++ b/README.md
@@ -27,3 +27,17 @@ The neutron-api and neutron-openvswitch charms must be related to the same insta
 # Restrictions
 
 It should only be used with OpenStack Icehouse and above and requires a seperate neutron-api service to have been deployed.
+
+# Disabling security group management
+
+WARNING: this feature allows you to effectively disable security on your cloud!
+
+This charm has a configuration option to allow users to disable any per-instance security group management; this must used with neutron-security-groups enabled in the neutron-api charm and could be used to turn off security on selected set of compute nodes:
+
+    juju deploy neutron-openvswitch neutron-openvswitch-insecure
+    juju set neutron-openvswitch-insecure disable-security-groups=True
+    juju deploy nova-compute nova-compute-insecure
+    juju add-relation nova-compute-insecure neutron-openvswitch-insecure
+    ...
+
+These compute nodes could then be accessed by cloud users via use of host aggregates with specific flavors to target instances to hypervisors with no per-instance security.