Prerequisites for using ZTNA
Learn about the prerequisites for using ZTNA technology on the Digibee Integration Platform.
Was this helpful?
Learn about the prerequisites for using ZTNA technology on the Digibee Integration Platform.
Was this helpful?
All communication between Edge Routers, as well as between Edge Routers and the Network controller, is secured with TLS.
For Edge Routers to function correctly, proxies and Web Application Firewalls need to be bypassed or configured to allow exceptions.
Deep packet inspection can lead to connectivity problems with Edge Routers.
Edge Routers only make outbound connections. They don’t require any inbound traffic to be initiated.
Inbound ports are not necessary.
Required ports:
80/TCP/UDP: Used to connect to the network controller for configuring the fabric/data layer.
443/TCP/UDP: Used to connect to the network controller for sessions and initial authentication.
6262/TCP/UDP: Used to connect to the network controller for software maintenance on the fabric/data layer.
The diagram below shows the requirements needed to connect the Edge Router to the network controller:
Since the Edge Router serves as a link between the Digibee side and the customer side, it’s essential for this component to access all the resources that will be shared. For example, if the customer wants to expose a database with the FQDN prod-db.customerdomain.me, the Edge Router must be able to resolve this DNS. To improve redundancy, the Edge Router should be configured in two separate infrastructures. This way, if one fails, the other Edge Router can handle all the traffic, allowing smart routing to work properly.
The customer is responsible for installing the Edge Router and must follow the steps that fit the requirements for each specific cloud environment:
Correctly sizing your Edge Router Virtual Machines (VMs) is crucial for achieving the required performance. Refer to the for guidelines on how to allocate CPU, RAM, and Disk Storage for the VM instances running the Edge Router.
