cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can a single Public Managed Security Gateway used by multi DT Managed instances?

eric_covell
Newcomer

I deployed 1 Public Managed Security Gateway (PMSG) in my DMZ network.

PMSG has both Internet facing IP and back channel IP to reach my Internal network. I have 3 DT Managed instances (PROD, Non-Prod and Lab)

Is it possible for my PMSG to route traffic over these 3 instances?

4 REPLIES 4

JamesKitson
Dynatrace Leader
Dynatrace Leader

What do you mean by 'instances?' Are you referring to 3 separate managed clusters or three environments? If it is the latter then that will work - a public security gateway can work with any environments on the cluster. But they can only connect to one cluster.

James

I have 3 completely separate instance of DT Managed all located in my Internal network. Each require a distinct "Run command" to Add New Security Gateway located in my DMZ.

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedPROD.company.int.ca/psgwinstaller/unix/latest/A1A1A1A

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedNONPROD.company.int.ca/psgwinstaller/unix/latest/B1B1B1B

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedLAB.company.int.ca/psgwinstaller/unix/latest/C1C1C1C

Security Gateway server is expensive. Can my 3 DT Managed instances be mapped to the same PMSG? If so, I run the 3 "Run command" one after the other?

It sounds like you have three clusters (I would have gone with dividing the different stages between environments on one cluster - and this would require only one public security gateway) and want to share one server that will run the security gateways for each of them. I imagine port conflicts would be an issue with three instances of a security gateway on it - might be able to change the ports being used but I don't know offhand, plus I wonder if the installers would conflict since they'd be trying to install in the same place. Never ran into a situation like yours, seems unique.

What do you mean by "expensive" in this case? It's not licensed and also it does not have very specific or intensive requirements.