Dynatrace Security Gateway works as a proxy between Dynatrace OneAgent and Dynatrace Server. Security Gateway collects monitoring data, aggregates the data, and sends the data to Dynatrace Server using an encrypted HTTPS connection. Security Gateway is the only Dynatrace software component in your data center that requires full Internet access. The following image illustrates a network both with and without Dynatrace Security Gateway.
Install Security Gateway in a network segment that all instances of OneAgent can access. Otherwise, install one Security Gateway per segment if some instances of OneAgent won’t be able to reach Security Gateway. The rest of the setup is handled automatically.
Do I need to install a Security Gateway?
In principle, installing a Security Gateway is optional. If you decide to install Security Gateway, you will benefit from the advantages it offers. However, there are cases for which the installation of a Security Gateway is a prerequisite.
Do I need to install multiple Security Gateways?
Having more than one Security Gateway allows you to better manage large Dynatrace deployments. If you plan to install more than 100 OneAgents, it’s a good idea to deploy at least one Security Gateway.
With Dynatrace, you don’t need to worry about load balancing. If you install multiple Security Gateways in the same environment, your OneAgents and Security Gateways will configure themselves automatically to achieve optimal load balancing.
A single Security Gateway can manage up to 2,000 OneAgents. However, performance problems can arise at such high volume. If this happens, add at least one more Security Gateway to your network. You don’t need to install all Security Gateways initially—you can add additional Security Gateways at any time.
However, if you've set up several monitoring environments, it would be cumbersome to install and maintain multiple Security Gateways. Therefore, Dynatrace enables you to configure a single Security Gateway in support of multiple monitoring environments.