Azure Service VNet¶
For the Centralized deployment, Valtix Gateway is deployed in a new Service VNet. This VNet is called a Service VNet which will peer with other Spoke(application) VNet to create a Hub-and-Spoke model as shown below:
Valtix orchestrates the creation of the Service VNet and does VNet peering with the Spoke VNets. Valtix also provides the ability to update the routing in Spoke VNets to route traffic to Service VNet for inspection. For instructions on how to make routing changes with Valtix in Spoke VNet, see Manage Spoke VNets
Create Service VNet¶
- Click Manage -> Gateways -> Service VPCs/VNets.
- Click Create Service VPC/VNet.
- Input parameter values:
| Parameter | Description |
|---|---|
| Name | Name of Service VNet. |
| CSP Account | Azure Subscription to create the Service VNet. This subscription needs to be onboarded to Valtix Controller. |
| Region | Azure region to deploy Service VNet. |
| CIDR Block | The CIDR Block for Service VNet. This must not overlap with your Spoke(application) VNets. |
| Availability Zones | Recommened to select at least two(2) for resiliency. Not all Azure regions have multiple AZs. |
| Resource Group | The Resource Group to deploy Service VNet. |
Tech Notes
- Service VNet consist of the following:
- VNet
- Two (2) NSG
- Service VNet CIDR must not overlap with Spoke VNet