In principle, Security Gateway is an optional component. However, installing a Security Gateway is a prerequisite in the following use cases:
Monitoring of virtualized infrastructure
Security Gateway can poll your vCenter or standalone ESXi hosts to obtain information about all important resources that ESXi servers provision to your virtual machines (for example, CPU usage, memory consumption, and data-store related activity on your VMware platform). To acquire this information, Dynatrace needs a component installed in your environment that has access to the vCenter API.
Storing memory dumps
Dynatrace supports both automatic and manual capture and analysis of memory dumps on monitored hosts. Memory dumps need to be stored in a centralized location for download and analysis. Since such dumps are often large and can contain sensitive data, Dynatrace doesn't allow your to upload dumps to the Dynatrace cluster in the cloud. Instead you should set up a Security Gateway and configure it to serve as a host for memory dumps. The Dynatrace UI provides you with download URLs for the Security Gateway REST API that serves the dumps.
Controlling load distribution of AWS monitoring.
AWS service monitoring is a resource-intensive task. Therefore, to monitor more than 700 AWS services, you must install a Security Gateway to transfer the load on your own infrastructure.