using DataPower as a proxy between AG and Dynatrace server

gilgi · ‎19 Jul 2018

Hi all,

Is anyone using Datapower or any other proxy/security layer between ActiveGate and Dynatrace managed server and is also inspecting the traffic?

Gil.

Julius_Loman · ‎19 Jul 2018

What should be the benefit of having any 3rd party tool inside the internal communication? Protocol is HTTPS (TLS/1.2), so you would have probably to deal with certificates and this could easily break the communication between Dynatrace server and gateways. The protocol is not (publicly) documented.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

Yosi_Neuman · ‎19 Jul 2018

Hi Julius,

This DP is actually the gate from DMZ to LAN and they are inspecting every transaction for security issues.

Is there a way to replace the privet SGW and the DTM certificates as there is for Public SGW?

Yos

dynatrace certificated professional - dynatrace master partner - Matrix Soft Ware Division - Israel

Julius_Loman · ‎20 Jul 2018

You should probably to talk to support for this. There is a SSL truststore in the SGW, so I think this is possible to somehow add your own certificate to the truststore. You don't need to change the SGW certificate, since that one is used for SGW-OneAgent communication.

But maybe the SGW will trust your custom certificate anyway.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner