About the VRA

Firewall

To protect your environment from external threats, the IBM Cloud® Virtual Router Appliance can be leveraged as a firewall. You can add firewall rules to allow or deny inbound or outbound network traffic to the ports on which your application runs, and you can filter the traffic within your own networks. The IBM Cloud® Virtual Router Appliance also can be configured to perform stateful IPv4 and IPv6 filtering to protect your critical data.

Virtual Private Network (VPN) gateway

Connect your on-site data center or office to the IBM Cloud using VPN tunneling by provisioning your IBM Cloud® Virtual Router Appliance as a network gateway device. You can use an IPsec site-to-site VPN tunnel for secure communication from your enterprise data center or office to your IBM Cloud network. Other VPN options are; Remote access IPsec VPN (client-to-site), OpenVPN, GRE, L2TP and DMVPN.

Have a look at the Brocade VPN configurations guides in our Supplemental VRA documentation section.

Network Address Translation (NAT)

With the IBM Cloud® Virtual Router Appliance, you can provision application and database servers without public network interfaces while still allowing your servers to access the internet using Source NAT. You can also hide your servers behind the gateway device with Destination NAT for enhanced security.

Enterprise-grade routing

For multi-tiered applications on different isolated networks, the IBM Cloud® Virtual Router Appliance gives you flexible ways to build connectivity between these networks. You can set up dynamic routing using BGP, which allows you to announce your own public IP space on the IBM Cloud routers. BGP also offers more flexibility for custom private network configurations when using various tunnels and direct link solutions.

Have a look at the Brocade BGP configurations guides in our Supplemental VRA documentation section.