Managing Egress Security for VPC/VNets
|
Controller 8.0 is required for all features and functionality on this tab except for applying local egress to VPC/VNets. |
The Egress VPC/VNets tab displays all VPC/VNets discovered by your cloud accounts and their protection status. VPC/VNets with No Egress status require the deployment of a Spoke gateway for Local Egress.
The Egress VPC/VNets tab displays:
-
Spoke gateways that have Local Egress enabled (Spoke gateways that send traffic directly to the Internet).
-
Spoke gateways that have Transit Egress enabled (Spoke gateways that forward traffic to a Transit gateway, which then sends the traffic to the Internet).
This Transit gateway must have Transit Egress Capability (selectable when you create a Transit gateway). -
Spoke gateways where Egress is not configured by Aviatrix (Native Cloud Egress). These are not editable.
-
GCP Spoke gateways that have Global VPC and Transit Egress enabled. These are not editable.
-
Any Transit gateways attached to the Spoke gateways.
From here you can do the following if you have upgraded to Controller 8.0 and have the DCF feature enabled:
-
Deploy a Spoke Gateway within a VPC/VNet, so that Local Egress can be applied
-
Monitor VPC/VNets, to determine if any of them require protection
-
Protect VPC/VNets by only allowing trusted traffic flows
You can do the following if you have not yet upgraded to Controller 8.0: