Subnets
When configuring your gateway deployment, the Multicloud Defense Controller will prompt you for the management and datapath subnet information.
The management subnet is a public subnet that must be associated with the route table that has a default route to the Internet. The Multicloud Defense Gateway instance has an interface attached to this subnet that it uses to communicate with the Multicloud Defense Controller. This interface is used for policy pushes and other management and telemetry activities between the Multicloud Defense Controller and the Multicloud Defense Gateway instances. Customer application traffic does not flow through this interface and subnet. The interface is associated with the management security group, which is described in the Security Groups section below.
The datapath subnet is a public subnet that must be associated with the route table that has a default route to the Internet. The Multicloud Defense Controller creates a network load balancer (NLB) in this subnet. In addition, a Multicloud Defense Gateway instance has an interface attached to this subnet. Customer application traffic flows through this interface. A security policy is applied to the traffic ingressing through this interface. The interface is associated with the datapath security group, which is described in the Security Groups section.
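A pre-deployment check for the route table requirement described above, as an added example that is not part of the original documentation or the product. It assumes an AWS VPC, input in the shape returned by `aws ec2 describe-route-tables`, and that "default route to the Internet" means an active 0.0.0.0/0 route to an internet gateway; all IDs and function names are constructed placeholders.

```python
# Added example. SAMPLE is constructed data shaped like the output of
# `aws ec2 describe-route-tables`; AWS and every ID here are assumptions.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-mgmt"},
                      {"Main": False, "SubnetId": "subnet-datapath"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-private"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-example", "State": "active"}]},
]}

def effective_route_table(tables, vpc_id, subnet_id):
    """Explicit association wins; otherwise the subnet uses the VPC main table."""
    main = None
    for rt in tables:
        if rt.get("VpcId") != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_internet_default_route(rt):
    """True only for an active 0.0.0.0/0 route whose target is an internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("State") == "active"
               and str(r.get("GatewayId", "")).startswith("igw-")
               for r in rt.get("Routes", []))

def check_gateway_subnets(data, vpc_id, subnets):
    """Map each role (e.g. management, datapath) to (ok, route table id or None)."""
    results = {}
    for role, subnet_id in subnets.items():
        rt = effective_route_table(data["RouteTables"], vpc_id, subnet_id)
        ok = rt is not None and has_internet_default_route(rt)
        results[role] = (ok, rt["RouteTableId"] if rt else None)
    return results

if __name__ == "__main__":
    roles = {"management": "subnet-mgmt", "datapath": "subnet-datapath"}
    for role, (ok, rtb) in check_gateway_subnets(SAMPLE, "vpc-example", roles).items():
        print(f"{role}: {'OK' if ok else 'FAIL'} (route table {rtb})")
```

A subnet with no explicit association is evaluated against the VPC main route table, so it fails the check when the main table carries only the local route.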