Skip to content


Valtix provides network visibility and control of your public cloud deployments to protect them for a variety of scenarios: ingress, egress and east-west (between VPCs, to PaaS and on-premises networks). This tutorial will provide steps to build a hub-n-spoke design in AWS using the Transit Gateway. The term service VPC is used to denote the security aka hub VPC. You can also use the Terraform provider for Valtix and example templates for this.

Valtix follows a workflow of

  1. discover your cloud assets continuously,
  2. deploy Valtix Gateways for protection and
  3. defend using dynamic multi-cloud policies.


Tech Notes

In a Centralized architecture deployment, two Security VPCs are necessary if the objective is to protect ingress, egress, and east-west traffic - one Security VPC for the ingress traffic and one Security VPC for the combined egress & east-west traffic.