Which Security Gateway types does Dynatrace provide?

Dynatrace provides different types of Security Gateways. Security Gateways are the only endpoints used by OneAgents to send data to Dynatrace Server.

Private Security Gateway

A private Security Gateway is downloaded by you from your Dynatrace environment and installed within the your infrastructure. A private Security Gateway is bound to your environment, and is thus only capable of handling traffic from OneAgents that belong to the same environment as the Security Gateway.

A private Security Gateway can only handle traffic from OneAgents, not from other Security Gateways. A private Security Gateway can communicate to Dynatrace server either directly or via a public Managed Security Gateway.

The following type applies to Dynatrace Managed installations only.

Public Managed Security Gateway (relevant only for Dynatrace Managed)

A public Managed Security Gateway is downloaded by you from your Dynatrace Managed cluster and installed within your infrastructure. A public Managed Security Gateway is capable of handling all traffic that belongs to a Dynatrace Managed cluster (i.e., Security Gateway knows about all environments within the cluster).

Public Managed Security Gateways are typically used to set up a OneAgent connection point in some distant location (for example, a separate data center) or as a dedicated entry point into an otherwise secure location (for example, to allow receipt of messages from mobile applications, or Dynatrace synthetic test data).