Azure Centralized Ingress¶
In Centralized Ingress model, Valtix would orchestrate a Service VNet and create a VNet peering between the Spoke VNet and Service VNet. Valtix will create User Defined Routes(UDR) in Spoke VNets to have traffic routed to the Service VNet. All necessary component inside the Service VNet(Valtix Gateway, Network Security Group, NLB) will be created and managed by Valtix. The NLB would be a public endpoint to receive internet traffic and load balanced to Valtix Gateways. Valtix Gateways will act as a reverse proxy and protect your workloads.
The diagram shows both Ingress Gateway and Egress+East-West Gateway. User can choose to deploy Ingress and Egress+East-West Gateway in the same VPC. If protection is for Ingress only, deployment of Egress Gateway is not needed.