Valtix Solution Components¶
The Valtix solution consists of four (4) primary components: Portal / UI, Controller, Gateway, and Terraform Provider. Each are described below.
Portal / UI¶
The Valtix Portal / UI is a SaaS delivered component that provides administrators and users the ability to deploy, configure and manage all aspects of a Valtix deployment. Capabilities that are provided through the Portal / UI include the following:
- CSP account / subscription on-boarding
- CSP asset and traffic visibility
- Services VPC creation and Spoke VPC/VNet protection
- Gateway deployment and configuration
- Security policy definition
- Traffic and security event investigation and analysis
- Discovery and threat awareness reporting
Valtix is responsible for managing and updating the Portal / UI. Enhancements and updates are provided frequently and can be delivered regularly based on planned release updates, or pushed via hot fixes to address critical fixes rapidly.
Controller¶
The Valtix Controller is a SaaS delivered component that operates as the control plane and brains of a Valtix deployment. The Controller is the translation layer between operations performed via the Portal / UI or Terraform Provider, and the orchestration of those operations within the CSP. Operations that are orchestrated through the Controller include the following:
- CSP account / subscription on-boarding
- Asset and traffic visibility discovery
- Services VPC/VNet creation and management
- Spoke VPC / VNet protection management
- Gateway deployment, auto-scaling and updates
- Security policy definition and deployment
- 3rd party SIEM and Alert integrations
- Discovery and threat awareness report generation
Valtix is responsible for managing and updating the Controller. Enhancements and updates are provided frequently and can be delivered regularly based on planned release updates, or pushed via hot fixes to address critical fixes rapidly.
Gateway¶
The Valtix Gateway is a PaaS delivered component that operates as the data plane deployed in the CSP account / subscription to protect public cloud workloads. The Gateway is deployed and operates entirely within the customer CSP account / subscription. All traffic processing and security protections reside within the CSP. Capabilities that are offered by the Gateway include the following:
- Cloud native architecture for protecting workloads
- Ingress, Egress and East-West use-cases
- Forwarding- and Proxy-based processing
- Full decryption for traffic payload inspection
- Advanced security via WAF, IDS/IPS, DLP and L7 DOS
- Filtering via L4, URL/URI, and Malicious and Geo IP
- Orchestration via the Portal / UI and Terraform Provider
- Multi-cloud, multi-region and multi-AZ deployment
- Dynamic auto-scaling based on workload demands
- Dynamic multi-cloud security policy using cloud constructs
The customer is responsible for updating the Gateway through an upgrade process that is simple, hitless and is completed in minutes. Gateway enhancements and updates are provided frequently and guidance on upgrading is provided by Valtix.
Terraform Provider¶
The Valtix Terraform Provider is a multi-CSP infrastructure-as-code (IaC) orchestration language used to deploy, configure and manage an entire Valtix deployment via a CICD pipeline. It can be used exclusively or in conjunction with the Valtix Portal / UI and accommodates most operations that are available using the Portal / UI.
The customer is responsible for updating their Valtix Terraform Provider through referencing the desired Terraform release and running a terraform update
command that loads the referenced version.