Related Products
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
EventLog Analyzer

Real-time Log Analysis & Reporting
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
Log360

Comprehensive SIEM and UEBA
Download | Demo

Gateway Cluster

A gateway cluster is a group of gateway servers that share common configurations such as gateway server port, DPI mode, proxy chain, etc. The cluster simplifies the process of configuring and managing multiple gateway servers by allowing users to define configurations once and apply them across all servers within the cluster.

Table of contents

Architecture overview
Adding/configuring a gateway cluster
Editing a gateway cluster
Deleting a gateway cluster
Gateway cluster insights

Architecture overview

Our system is designed around the concept of gateway clusters and gateway servers to streamline the configuration and management of network traffic routing.

Here's a brief overview:

Gateway cluster: A group of gateway servers sharing common configurations. It simplifies the configuration and management of multiple gateway servers by allowing centralized configuration settings and actions.
Gateway server: An individual server instance within a gateway cluster. It acts as a bridge between different networks or systems, translating data and protocols to enable communication. It can handle various tasks like ensuring security, managing and auditing internet traffic, blocking access to restricted domains, providing insights into the web applications used, and helping enforce data protection policies like blocking unsanctioned applications.

Adding/configuring a gateway cluster

In Log360 Cloud, you can add/configure a new gateway cluster with the following steps:

Login to your Log360 Cloud account.
Go to Settings → Configuration → Cloud Protection Settings.
Under Server, click on Gateway Servers.
Click on Add Cluster.

On the Add Gateway Cluster page, fill in the Cluster Name and Port.

Configuring Gateway Server

Note: All the gateway servers will be running in the same port that is configured in this cluster.

The Advanced Settings are hidden by default. You can click on it to configure additional settings such as SSL Settings, Proxy Settings, and other Misc settings.

In the SSL Settings tab, you can select the preferred Deep Packet Inspection (DPI) mode, CA Certificate and choose the preferred Transport Layer Security (TLS) versions to be enabled.

Note: You can select either one or more of the TLS versions as needed for your environment. SSL versions preceding TLSV1.0 are not supported.

Select the suitable DPI Mode from the drop-down menu. The available options are as follows:
- Enable: Monitors all web traffic content
- Mixed mode: Inspects only specific cloud applications
- Disable: Does not perform deep packet inspection

Note:

All cloud applications that are part of the File Upload Reports are configured in the Mixed Mode by default.
DPI will always work in disabled state for "autoupdate.geo.opera.com" domain due to certificate pinning.

Once the DPI Mode is enabled or set to mixed mode, you will need to create or select an existing Certificate Authority (CA) certificate.

You can create a new CA certificate either by clicking on the Create new CA Certificate button or by following these steps in the Server CA Management page.

Note: This certificate must be installed on all client machines to be trusted as the root authority. You can install the certificates manually on each client machine, or you can use a GPO to install the certificate on multiple devices by following the steps on this page.

In the Proxy Settings tab, you will have to configure settings if the existing gateway servers within this gateway cluster need to connect to another proxy server for connecting to the internet.

Enter the details of the proxy servers as applicable.

Proxy settings	Required details
No proxy	-
Auto proxy	-
PAC proxy	PAC script location
IP proxy	IP address with port

Note: The PAC script location is the URL of the Proxy Auto-Configuration (PAC) file that contains instructions for handling web traffic requests. Learn more about PAC scripts.

In the Misc Settings, you can configure the minimum disk space for auditing. If the disk space falls lower than the specified limit, the traffic data will not be audited.

Once you have updated all the necessary changes, click on Save to create the new gateway cluster.

Your new gateway cluster has been created successfully.

Editing a gateway cluster

In Log360 Cloud, you can edit a gateway cluster with the following steps:

Login to your Log360 Cloud account.
Go to Settings → Configuration → Cloud Protection Settings.
Under Server, click on Gateway Servers.
Choose the specific gateway cluster you wish to edit and click on the Edit button.

On the Update Gateway Cluster page, make all the desired modifications and click on Update to save the modifications.

Your gateway cluster has been updated successfully with the new configuration.

Note: When a gateway cluster's configuration is updated, some manual changes may be required on the endpoint machines. For instance, if DPI is enabled or a CA certificate is changed, the new CA certificate must be installed on all endpoint machines. Additionally, if the proxy port is updated, this change should be reflected on all endpoint machines as well.

Deleting a gateway cluster

In Log360 Cloud, you can delete a gateway cluster with the following steps:

Login to your Log360 Cloud account.
Go to Settings → Configuration → Cloud Protection Settings.
Under Server, click on Gateway Servers.
Choose the specific gateway cluster you wish to delete and click on the Delete button.

While deleting a gateway cluster with gateway servers mapped to it, the following alert message will appear. Only after you move the gateway servers to another cluster or remove them altogether will you be able to delete them.

While deleting a gateway cluster without any gateway servers mapped to it, the following confirmation box will appear. Click on Yes to delete the gateway cluster.

Your gateway cluster has been deleted successfully.

Configuring Gateway Server

Note: Gateway clusters with configured servers cannot be deleted. Additionally, the 'default_gateway_cluster' cannot be deleted. To delete a gateway cluster, servers must be moved to another cluster.

Gateway cluster insights

In Log360 Cloud, the gateway cluster insights page provides valuable information about the gateway cluster, including its properties, health status, and mapped gateway servers.

In Log360 Cloud, you can gain insights into a gateway cluster by following these steps:

Login to your Log360 Cloud account.
Go to Settings → Configuration → Cloud Protection Settings.
Under Server, click on Gateway Servers.
Select the specific gateway cluster you wish to view and click on the Cluster Insights button.

The gateway cluster properties tab shows the details of the configurations, including the port, DPI mode, CA certificate, etc. The gateway servers tab lists the details of the gateway servers mapped to the cluster, including the server name, sync details, and status. The gateway cluster health tab shows the summarized details about the servers within the cluster, including each of the properties and their status.