cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Setting up VMs for Dynatrace

srinivasarao_as
Organizer

Hi

Could you please suggest on the below issue?

We are in a process of building building Dynatrace VMs


Network security team has raised below concerns

  • It is not possible one VM connected to two separate security zones at the same time due to network security issues.
  • A VM can only exist in 1 or other.
  • So if these VM’s are communicating externally then they MUST be solely hosted in a DMZ.
  • Traffic must flow through the firewall to them and then they can onward communicate.
  • If this cannot be achieved because the Network team do not want to open to everything then an additional VM on the internal (that ALL servers on the internal zone communicate to), that forwards to the DMZ and the DMZ forwards to Dynatrace must be implemented (if at all possible based on Dynatrace capabilities).

Thanks&Regards

Srinivas


1 REPLY 1

Hello,

for such cases dynatrace has special component called ActiveGate. It is stored on different VM than Dynatrace cluster. You cen put it in different Security zone and set network rules for allowing them to send traffic from AG to Dynatrace cluster. More info here:

https://www.dynatrace.com/support/help/shortlink/s...

Sebastian