- 15 Sep 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Manage Gateways
- Updated on 15 Sep 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Use the Gateways page to add and manage Axonius Gateways.
Note that permission is required to add a Gateway.
Axonius Gateway enables establishment of a link between an internal network and the primary Axonius instance, which may be an Axonius-hosted (SaaS) instance or Customer-hosted (on-premise / private cloud)
The Axonius-hosted (SaaS) instance resides in the cloud and is not part of your organization's internal network. Axonius securely fetches data from the organization's data sources, known as adapters. To connect adapters that are only accessible by an internal network or segregated network (for Customer-hosted (on-premise / private cloud)), you must configure and install an Axonius Gateway on a server that has access to those sources.
For more details on installing an Axonius Gateway, see: Installing Axonius Gateway.
To manage Gateways:
- From the top right corner of any page, click . The System Settings page opens.
- In the Categories/Subcategories pane of the System Settings page, expand System, and select Gateways.
The page displays the list of existing Gateways, and each Gateway's details and connection status.
Adding a New Gateway
To add a new gateway:
- Refer to Installing Axonius Gateway for information on how to Add a New Gateway
- Install the Gateway installation package based on the instruction described in: Installing Axonius Gateway.
Once the installation is completed and Gateway is successfully connected, you can configure the adapter connection to use the Axonius Gateway. For details, see Configure and connect adapters to use the Axonius gateway.
Editing an Existing Gateway
To edit an existing Gateway:
From the Gateways page, click an existing Gateway Record. The Gateway Connection drawer appears.
Click the Edit ( ) icon.
Edit the following Gateway settings, as required: Gateway name, Gateway status notification, Proxy settings
Click Save.
If the Proxy Settings have been changed, it is necessary to reinstall the Gateway. For more details, see Installing Axonius Gateway.
Rotating the Gateway Certificate
You can rotate the Gateway Certificate for security or compliance purposes, or if the system displays a message that your gateway certificate has expired or is about to expire.
- To rotate the gateway certificate, on the Gateways page click the gateway whose certificate you want to rotate, the Gateways drawer opens.
- Click the Rotate Gateway Certificate icon the system tells you that you are about to rotate the certificate.
- Click Rotate Certificate to confirm the message.
- An updated certificate is generated. The system displays a message that the certificate rotation was successful. The gateway is then set to a pending state.
- Click on the gateway again, the Gateway drawer opens. Click the download button to download the Gateway installation package.
- Follow instructions in step 4 of the Installing Axonius Gateway guide - Install the Gateway Installation Package - to install the package. The gateway is then connected using the updated certificate.
Deleting a Gateway
In order to delete an existing Gateway, the following conditions should apply:
- The Gateway is not used to access existing Adapter connections.
- The Gateway is not used to access existing Enforcement Actions.
- The Gateway status is disconnected.
To remove a Gateway:
- From the Gateways page, click an existing Gateway Record. The Gateway Connection drawer appears.
- In the Gateway Connection drawer header, click the Delete ( ) icon.
- If the selected Gateway is in use by at least one Adapter Connection or Enforcement Action, a notification informs: This Gateway is used by at least one Adapter Connection/Enforcement Action and cannot be deleted.
Reconfigure the Adapter Connections/Enforcement Actions to use another Gateway and try again.
- If the selected Gateway is in use by at least one Adapter Connection or Enforcement Action, a notification informs: This Gateway is used by at least one Adapter Connection/Enforcement Action and cannot be deleted.
Setting a Default Gateway
The default Gateway is used by the system to connect to servers that are only accessible by an internal network such as LDAP servers and SMTP servers.
To set a default Gateway:
From the Gateways page, click an existing Gateway Record. The Gateway Connection drawer appears.
Click the Edit ( ) icon.
Select the Set as default Gateway connection checkbox to define the Gateway as the system's default Gateway.
Click Save.
Using a Gateway to Connect to Adapter Connection
For details, see Configure and connect adapters to use the Axonius Gateway.
Setting a Backup Gateway
You can select backup Gateways that Axonius will use if the primary Gateway is unavailable. Axonius selects the next available Gateway. Multiple backup Gateways can be configured.
To set a backup Gateway:
From the Gateways page, select a Gateway. The Gateway Connection drawer appears.
Click the Edit ( ) icon.
Under Set Backup Gateway, select one or more Gateways from the Backup Gateway list. You can select multiple Gateways.
Click Save.