Skip to content

Azure Centralized Egress

Valtix orchestrate a Service VNet in a centralized model where the Service VNet will act as the enforcement hub. A VNet peering would be created between the Spoke VNet and the Service VNet. Valtix will create/update User Defined Routes(UDR) in Spoke VNets to have traffic routed to the Service VNet. Inside the Service VNet, there would be a Network Load Balancer(NLB) and Valtix Gateway. Traffic from Spoke VNet would be routed to the NLB, which would then be load balanced between Valtix Gateways in multiple Avaliablity Zones.

Azure_Egress

Notes

The diagram shows both Ingress Gateway and Egress+East-West Gateway. User can choose to deploy Ingress and Egress+East-West Gateway in the same VPC. If protection is for Egress/East-West only, deployment of Ingress Gateway is not needed.