Azure Centralized Egress
Valtix orchestrates a Service VNet in a centralized model, where the Service VNet acts as the enforcement hub. A VNet peering is created between each Spoke VNet and the Service VNet. Valtix creates or updates User Defined Routes (UDRs) in the Spoke VNets so that traffic is routed to the Service VNet. Inside the Service VNet there is a Network Load Balancer (NLB) and the Valtix Gateways. Traffic from a Spoke VNet is routed to the NLB, which load balances it across Valtix Gateways in multiple Availability Zones.
The diagram shows both an Ingress Gateway and an Egress+East-West Gateway. Users can choose to deploy the Ingress and Egress+East-West Gateways in the same VPC. If protection is needed for Egress/East-West only, the Ingress Gateway does not need to be deployed.
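
The model above only enforces policy if every spoke subnet actually routes through the hub, so the following added example (not Valtix code) audits spoke routes for paths that bypass it. It assumes the UDR is a default route with next hop type `VirtualAppliance` pointing at the NLB frontend IP; the subnet names, IP addresses and the simplified data shape are constructed for illustration.

```python
import ipaddress

NLB_FRONTEND_IP = "10.100.0.4"  # assumed hub load balancer frontend (constructed)

# Constructed sample: spoke subnets with the routes of their attached route table.
SPOKE_SUBNETS = [
    {"name": "spoke1-app", "routes": [
        {"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance",
         "nextHopIpAddress": "10.100.0.4"}]},
    {"name": "spoke1-db", "routes": []},  # no route table attached
    {"name": "spoke2-web", "routes": [
        {"addressPrefix": "0.0.0.0/0", "nextHopType": "Internet"}]},
    {"name": "spoke2-batch", "routes": [
        {"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance",
         "nextHopIpAddress": "10.100.0.4"},
        {"addressPrefix": "203.0.113.0/24", "nextHopType": "Internet"}]},
]

def audit_subnet(subnet, nlb_ip=NLB_FRONTEND_IP):
    """Return findings for one subnet; an empty list means egress goes via the hub."""
    findings, has_default = [], False
    for route in subnet["routes"]:
        prefix = ipaddress.ip_network(route["addressPrefix"])
        via_hub = (route["nextHopType"] == "VirtualAppliance"
                   and route.get("nextHopIpAddress") == nlb_ip)
        if prefix.prefixlen == 0:
            has_default = True
            if not via_hub:
                findings.append(f"default route next hop is {route['nextHopType']}, not the hub")
        elif route["nextHopType"] == "Internet":
            # Longest-prefix match: this route wins over the default route.
            findings.append(f"{prefix} goes straight to the Internet")
    if not has_default:
        findings.append("no default route: the system route sends egress to the Internet")
    return findings

def audit_spokes(subnets):
    """Map subnet name -> findings, listing only subnets that can bypass the hub."""
    report = {s["name"]: audit_subnet(s) for s in subnets}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for name, findings in audit_spokes(SPOKE_SUBNETS).items():
        print(name, findings)
```
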