-
Notifications
You must be signed in to change notification settings - Fork 232
FAQ
Gatekeeper supports IPv4 and IPv6 networks.
If Gatekeeper servers had a single network interface, a Gatekeeper server under a DDoS attack may not receive policy decisions coming from Grantor servers due to the saturation of the interface.
A flow is defined as the pair of source and destination IP addresses. All policy decisions are enforced over flows.
Vantage points (VPs) are locations that support the deployment of Gatekeeper servers. Besides basic hardware demands, these locations must provide BGP speakers to announce protected network prefixes and private links between the VP and the protected destination. The private links are used to make Gatekeeper servers the entry points of traffic toward the protected destinations. These private links can be implemented using a number of technologies, including regular tunnels. Typical VPs are Internet exchanges, peering-link locations, and (some) cloud providers; not all cloud providers support BGP announcements.