Internet Access Gateways and Corporate Network Locations

Manage Internet Access Gateways and corporate network locations to monitor, analyze, and control web activities on known locations, such as the corporate headquarters, a branch office, or company VPN.

In addition to the Cloud Gateway, Internet Access also provides a flexible option to deploy one or more local on-premises gateways in your organization's network as a hybrid protection solution.

The Gateways tab in the Internet Access Configuration screen allows you to manage Internet Access Cloud and On-Premises Gateways to identify your corporate network locations.

  • Internet Access Cloud Gateway: Specify the externally-facing IP addresses of your organization's internet gateways and register the IP addresses to the Internet Access Cloud Gateway.

  • Internet Access On-Premises Gateway: Deploy a Service Gateway virtual appliance and enable the Zero Trust Internet Access On-Premises Gateway service to indicate the corporate locations managed by each server.

Tip:

  • Trend Micro Vision One can inspect HTTPS/HTTP traffic forwarded to an Internet Access Gateway (such as the Cloud Gateway) from corporate network locations to determine whether users are allowed to visit cloud apps or external URLs based on applied secure access rules.

  • The Internet Access Cloud Gateway also controls HTTPS/HTTP traffic when users are accessing from outside your corporate locations, such as users connecting to public Wi-Fi networks or working from home.

The following table outlines the actions and information available on the Gateways tab.

Action

Description

Add a corporate network location to the Internet Access Cloud Gateway

Click +Corporate Network Location to specify one or more IP addresses from a known location.

For more information, see Adding Corporate Locations to the Internet Access Cloud Gateway.

View corporate network location details

View basic information about a corporate network location, such as:

  • Status: Whether all configured IP addresses for the corporate network location are verified

    Note:

    • If the status of the Gateway is Pending, it means the status of each configured IP address is Pending.

    • When an HTTPS/HTTP request from a configured IP address is transmitted to the Gateway, the status of the IP address changes to Verified, and the status of the Gateway changes to Partially verified.

    • When all the configured IP addresses are verified, the status of the Gateway changes to Verified.

    • If there is no HTTPS/HTTP request from a configured IP address in Pending status within one week, the IP address is removed from the Gateway automatically.

  • IP address: The public IP addresses of your organization's internet gateways

  • Time zone: The time zone of the corporate network location

  • User authentication: Users are always required to authenticate themselves when their HTTP/HTTPS requests are forwarded to the cloud gateway.

Deploy an Internet Access On-Premises Gateway

Click Add On-premises Gateway Location and deploy an on-premises gateway in the Service Gateway Management app.

View Internet Access On-Premises Gateway details

View basic information about an on-premises gateway, such as:

  • Host name/FQDN: The host name or FQDN of the Service Gateway virtual appliance enabled with the Zero Trust Internet Access On-Premises Gateway service

  • Status: The status of the Zero Trust Internet Access On-Premises Gateway service on the corresponding Service Gateway virtual appliance

  • Version: The version of the Zero Trust Internet Access On-Premises Gateway service

  • IP address: The public IP address of the corresponding Service Gateway virtual appliance

  • Time zone: The time zone of the corresponding Service Gateway virtual appliance

  • User authentication: Users are always required to authenticate themselves when their HTTP/HTTPS requests are forwarded to the cloud gateway.

  • Last communication: The most recent time when the Zero Trust Internet Access On-Premises Gateway service communicated with Internet Access

Configure an Internet Access Gateway

  • To change the basic information about a corporate network location or an Internet Access On-Premises Gateway, click of the corresponding location or gateway.

  • To delete a corporate network location from the Internet Access Cloud Gateway, click of the corresponding location.

  • To disable an Internet Access On-Premises Gateway, toggle the Zero Trust Internet Access On-Premises Gateway service off on the associated Service Gateway virtual appliance in the Service Gateway Management app.

  • To view details about a Service Gateway virtual appliance enabled with the Zero Trust Internet Access On-Premises Gateway service, click .

  • To update the Zero Trust Internet Access On-Premises Gateway service status to the latest version, click and update the service in the Service Gateway Management app.
Parent topic: Internet Access Configuration