VK Cloud logo
Support
Updated at April 15, 2024   03:53 AM

Infrastructure protection with UserGate NGFW

You can configure a firewall to protect your infrastructure from network attacks using the UserGate NGFW service. Its features:

  • protection against attacks;
  • traffic management;
  • users authentication;
  • blocking malicious content when browsing external Internet resources.

This instruction will help you deploy the UserGate NGFW service on a VM in VK Cloud, connect to the UserGate NGFW console and add a new network through the service console.

By using the UserGate NGFW service, you agree to the license agreements of Marketplace and UserGate.

Preparatory steps

  1. Register at VK Cloud.

  2. Create a network with the Internet access, if one has not already been created.

  3. In the settings of the subnet where the VM with the deployed service will be located, disable the Private DNS option.

  4. Deploy the UserGate NGFW service:

    • Select the previously created network with Internet access and subnet.
    • Choose other parameters at your discretion.

    After the installation is complete, you will receive a one-time link to your login and password by email. Write them down. The service will be deployed at an address like https://<external IP address of the VM>:8001 (the UserGate console).

  5. (Optional) Configure an intermediate server (jump host) for the service VM to increase operational security.

1. Add a network to the service

  1. Go to the UserGate console directly via the IP of the virtual machine or through the intermediate server.

  2. At the language selection step, specify English.

  3. At the time zone selection step, specify Europe/Moscow.

  4. Read and accept the terms of the license agreement.

  5. At the step of installing the first node, specify the login and password received after deploying the service.

  6. Click the Start button.

    The UserGate console dashboard will open.

  7. Go to SettingsNetworkInterfaces. Make sure that there is one network adapter in the Current node group (the network selected during the service deployment stage).

  8. Go to your personal account at VK Cloud.

  9. Go to Cloud ServersVirtual.

  10. Open the page of the service VM (usually <identifier>usergate) by clicking on its name in the list.

  11. Go to the Networks tab.

  12. Connect the required network to the VM.

  13. Reboot the VM using VK Cloud or via the UserGate console.

2. Check for the added network

  1. Go to the UserGate console directly via the IP of the virtual machine or through the intermediate server.
  2. Go to SettingsNetworkInterfaces.
  3. Make sure that the new network adapter has appeared in the Current node group. It will be inactive.

For advanced service configuration, use the official UserGate NGFW manual.

Delete unused resources

The running service infrastructure consumes computing resources. If you no longer need it:

  • Delete the UserGate NGFW service instance.
  • Delete the network used for the service.
  • Delete the floating IP address created during service deployment.

Did not find your answer?Write to us

© 2024 VK Cloud
Privacy Policy