Skip to content

Valtix Solution Components

The Valtix solution consists of four (4) primary components: UI / Console, Controller, Gateway, and Terraform. Each are described below.

UI / Console

The Valtix UI / Console is a SaaS delivered component that provides administrators and users the ability to deploy, configure and manage all aspects of a Valtix deployment. Capabilities that are provided through the UI / Console include the following:

  • CSP account / subscription on-boarding
  • CSP asset and traffic visibility
  • Services VPC creation and Spoke VPC/VNet protection
  • Gateway deployment and configuration
  • Security policy definition
  • Traffic and security event investigation and analysis
  • Discovery and threat awareness reporting

Valtix is responsible for managing and updating the UI / Console. Enhancements and updates are provided frequently and can be delivered regularly based on planned release updates, or pushed via hot fixes to address critical fixes rapidly.

Controller

The Valtix Controller is a SaaS delivered component that operates as the control plane and brains of a Valtix deployment. The Controller is the translation layer between operations performed via the UI / Console or Terraform, and the orchestration of those operations within the CSP. Operations that are orchestrated through the Controller include the following:

  • CSP account / subscription on-boarding
  • Asset and traffic visibility discovery
  • Services VPC/VNet creation and management
  • Spoke VPC / VNet protection management
  • Gateway deployment, auto-scaling and updates
  • Security policy definition and deployment
  • 3rd party SIEM and Alert integrations
  • Discovery and threat awareness report generation

Valtix is responsible for managing and updating the Controller. Enhancements and updates are provided frequently and can be delivered regularly based on planned release updates, or pushed via hot fixes to address critical fixes rapidly.

Gateway

The Valtix Gateway is a PaaS delivered component that operates as the data plane deployed in the CSP account / subscription to protect public cloud workloads. The Gateway is deployed and operates entirely within the customer CSP account / subscription. All traffic processing and security protections reside within the CSP. Capabilities that are offered by the Gateway include the following:

  • Cloud native architecture for protecting workloads
  • Ingress, Egress and East-West use-cases
  • Forwarding- and Proxy-based processing
  • Full decryption for traffic payload inspection
  • Advanced security via WAF, IDS/IPS, DLP and L7 DOS
  • Filtering via L4, URL/URI, and Malicious and Geo IP
  • Orchestration via the UI / Console and Terraform
  • Multi-cloud, multi-region and multi-AZ deployment
  • Dynamic auto-scaling based on workload demands
  • Dynamic multi-cloud security policy using cloud constructs

The customer is responsible for updating the Gateway through an upgrade process that is simple, hitless and is completed in minutes. Gateway enhancements and updates are provided frequently and guidance on upgrading is provided by Valtix.

Terraform Provider

The Valtix Terraform Provider is a multi-CSP infrastructure-as-code (IaC) orchestration language used to deploy, configure and manage an entire Valtix deployment via a CICD pipeline. It can be used exclusively or in conjunction with the Valtix UI / Console and accommodates most operations that are available using the UI / Console.

The customer is responsible for updating their Valtix Terraform Provider through referencing the desired Terraform release and running a terraform update command that loads the referenced version.