The Valtix Controller provides a SaaS-delivered centralized control plane to deploy and manage Valtix and its security policy. Easy Setup helps guide users through the process of setting up Valtix security using a series of simple steps:
- Onboard Cloud Account
- Enable Traffic Visibility
- Create Service VPC/VNet
- Create Valtix Gateway
Onboard Cloud Account¶
The first step is to onboard a set of one or more Cloud Accounts. This allows the Valtix Controller to interact with each account by discovering inventory and traffic, orchestrating security deployment, and creating and managing policy.
Enable Traffic Visibility¶
The second step is to enable Traffic Visibility. Traffic Visibility provides awareness into the traffic flows within the Cloud Accounts by collecting VPC/VNet Flow Logs and DNS Query Logs. The Flow and DNS Query logs are used by Valtix to understand traffic flow, correlate with threat intelligence feeds, and provide insight into existing threats that can be protected using Valtix.
Create Service VPC/VNet¶
The third step is to create a centralized Service VPC/VNet that will host the Valtix Gateways for processing, inspecting and protecting traffic and workloads. The Valtix Controller will orchestrate and manage the Service VPC/VNet.
Create Valtix Gateways¶
The forth step is to create a set of Valtix Gateways within the Service VPC/VNet for centralized Ingress, Egress and East-West protection. The Valtix Controller will orchestrate and manage the Gateways.
Navigate to Setup. This setup guide will walk you through the process of setting up your security infrastructure.
- To onboard a cloud account, click on Connect Account.
- Select the desired cloud provider, specify the account information and click Save & Continue
- Select the VPCs/VNets to enable Traffic Visibility and click Save & Continue
- Deploy a Services VPC/VNet and click Save & Continue
- Deploy the Valtix Gateways and click Save & Continue
Easy Setup supports the following Cloud Providers:
- Account Onboarding: AWS, Azure, GCP, OCI
- Enable Traffic Visibility: AWS (Flow Logs, DNS Query Logs), Azure (Flow Logs), GCP (VPC flow logs, DNS Query Logs)
- Create Services VPC/VNet: AWS, Azure, GCP
- Create Gateways: AWS, Azure, GCP
Although Services VCN orchestration is not supported for OCI (requires the user to create the Services VCN using the Cloud Provider console), the Gateway orchestration is supported using the Manage -> Gateways -> Add Gateway workflow.