cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can a single Public Managed Security Gateway used by multi DT Managed instances?

eric_covell
Newcomer

I deployed 1 Public Managed Security Gateway (PMSG) in my DMZ network.

PMSG has both Internet facing IP and back channel IP to reach my Internal network. I have 3 DT Managed instances (PROD, Non-Prod and Lab)

Is it possible for my PMSG to route traffic over these 3 instances?

4 REPLIES 4

JamesKitson
Dynatrace Leader
Dynatrace Leader

What do you mean by 'instances?' Are you referring to 3 separate managed clusters or three environments? If it is the latter then that will work - a public security gateway can work with any environments on the cluster. But they can only connect to one cluster.

James

I have 3 completely separate instance of DT Managed all located in my Internal network. Each require a distinct "Run command" to Add New Security Gateway located in my DMZ.

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedPROD.company.int.ca/psgwinstaller/unix/latest/A1A1A1A

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedNONPROD.company.int.ca/psgwinstaller/unix/latest/B1B1B1B

wget --no-check-certificate -O psg-installer.shhttps://dtmanagedLAB.company.int.ca/psgwinstaller/unix/latest/C1C1C1C

Security Gateway server is expensive. Can my 3 DT Managed instances be mapped to the same PMSG? If so, I run the 3 "Run command" one after the other?

It sounds like you have three clusters (I would have gone with dividing the different stages between environments on one cluster - and this would require only one public security gateway) and want to share one server that will run the security gateways for each of them. I imagine port conflicts would be an issue with three instances of a security gateway on it - might be able to change the ports being used but I don't know offhand, plus I wonder if the installers would conflict since they'd be trying to install in the same place. Never ran into a situation like yours, seems unique.

What do you mean by "expensive" in this case? It's not licensed and also it does not have very specific or intensive requirements.

TEMPEST a.s., Slovakia, Dynatrace Master Partner