Edge gatewayis a virtual router that connects the intranet to an external network and provides services like NAT, firewall, load balancer and VPN.
DHCP allows you to automatically assign IP addresses to virtual servers from predefined ranges. This can be both public and intranet IP addresses. DHCP helps prevent IP conflicts by ensuring that each virtual server has a unique IP address.
NAT - Network Address Transformation is a method of changing IP-packet headers, so it would appear that network traffic would result from the Edge Gateway, although the creator of the connection was "behind" the shared server Edge Gateway.
- With NAT, you can hide entire networks behind one IP address, only one IP address of the external network is needed.
- Hidden servers behind NAT are usually not accessible to external networks and therefore it’s difficult to attack them.
You can read more about setting up NAT here.
Routing allows you to create routing between different networks. For example, two internal networks in different subnets can interact with each other. There is also support for OSPF and BGP.
Load Balancer distributes incoming requests among multiple servers so that the end user does not see the difference. As the load increases, you can also add servers. Load balancing helps to optimize resource utilization, maximize throughput, minimize response time and avoid overload. Load sharing is done on the round-robin principle - queries are sent to the servers alternately.
VPN (virtual private network) If you want to allow vCloud servers and network access only from your home or office and close it to the rest of the world, the IPSec VPN solution is perfect for this. This means that network traffic between your office and vCloud goes through a secure, encrypted tunnel.
For example, VPN can also connect two networks at different geographic locations into a single entity.
IPSec apps are also available for Android and iOS devices.
Find the exact instructions for setting up a VPN connectionhere.
SSL VPN-Plus allows users to create a secure VPN connection between their own computer and the networks behind Edge Gateway. When connected via SSL encryption, the user can access devices on secure networks. You can create a connection through a browser or with the help of special software installed on your computer.
Certificates. Here you can manage the SSL security certificates used by Edge Gateway. Self-signed certificates can also be used, but it is recommended to order a commercial certificate to protect the Edge Gateway. When connecting with a self-signed certificate, you may get an error in the browser about an insecure connection to the Edge Gateway.
We recommend using CA certificates to create VPN connections. Each user has his own certificate, without which the connection cannot be established. This is a very good extra protection for a regular password.
Statistics graphically shows network traffic statistics through the Edge Gateway.
You can find detailed instructions on the VMware website.