Manage Gateways

A Gateway is a grouping of Gateway Instances that share the same configuration. To ensure high availability, Entrust recommends adding at least two Gateway Instances. Once deployed, each Gateway Instance includes the Database Agent, which handles all database-related communication required by the Gateway.

  • Database Agent: Handles all database communication required by the Gateway.

  • Note: An Identity as a Service Gateway is hardened as required by the CIS Hardening Standards Level 1. See the Center for Internet Security for more information about the standards.

Prerequisites

  • You must be an administrator with Enterprise Gateway and Agents Management permission to administer Gateways. See Create and assign roles for more information.

  • For Enterprise Service Gateways that connect to Instant ID as a Service, you must configure your firewall to allow connections to your Instant ID as a Service account. Instant ID as a Service uses HTTPS on port 443.

Identity as a Service Gateway port information

  • The Identity as a Service Gateway and its agents connect to Identity as a Service on port 443.

  • A VPN uses the UDP protocol to connect to a RADIUS agent within the Identity as a Service Gateway. The RADIUS agent uses port 1812 by default.

  • The Entrust IdentityGuard application connects to the Entrust IdentityGuard agent over TCP. The Entrust IdentityGuard application must be configured to use port 8443 over TLS.
