Skip to content

Egress and East-West

When using Valtix to protect Egress traffic, traffic sent to the Internet will have a source IP of the Valtix Gateway instance. If there is a desire for the Gateway instances to be deployed as private, and the IP address used to send traffic to the Internet needs to be static (does not change), the Service VPC can be deployed using a NAT Gateway. When the NAT Gateway option is enabled, the Valtix Gateway is deployed into private subnets and public subnets will be created to host the NAT Gateways. All traffic to the Internet will be sent through the NAT Gateways using their public IP addresses. This allows the IP address of the NAT Gateways to be whitelisted, which is often required when interfacing a cloud resource to a SaaS-delivered Identity Provider for authentication.