Physical gateways

These are hardware-based gateways designed to be deployed on-premises. They can handle both ingress and egress traffic routing, meaning they can route traffic from the Enclave network to an external resource and vice versa. Physical gateways are typically used for IoT or vendor locked devices that require a physical connection to the Enclave network. They also can be used a bridge firewall, allowing you to transparently restrict access to resources outside of the Enclave network.

Configuration

On receiving your gateway, you will need to configure it before it can be used. The configuration process is as follows:

1. Power up the gateway.
2. Connect a computer (laptop or desktop) to the gateway on the LAN port.
3. Make sure nothing is plugged into the WAN port.
4. When the gateway is in this state, it serves a DHCP server on the LAN port. Refresh your DHCP lease on your computer if necessary to obtain an IP address from the gateway.
5. Open a web browser and navigate to https://192.168.183.1 to access the gateway's web interface.
6. Follow the prompts to set up the gateway. You will need to enter a registration code or agent token to register the gateway with your Enclave account. If you do not have a registration code or agent token, you can generate one in the Enclave management console (EMC).
7. Modify any additional settings as needed (i.e. network configuration)
8. Once finished, install the gateway in your network.

Necessary endpoints

If you employ a firewall, ensure that these endpoints are whitelisted. All connections originate with an outbound request, so if a stateful firewall is utilized, only outbound rules are necessary. The following table lists the necessary endpoints for a gateway to function properly:

Address	Protocol	Port	Description
168.220.81.59	TCP	1883	Enclave MQTT broker

In addition to these static endpoints, the gateway will need outbound access to the following URLs as these do not have static IP addresses and may change over time (:443 outbound):

• https://enclave.sidechannel.com
• https://downloads.enclave.sidechannel.com

Lastly, your gateway will require access to any beacons that are deployed in your organization. Reference the relevant addresses in the Enclave management console (EMC).

Ordering physical gateways

If you are interesting in ordering physical gateways, please contect our sales team at info@sidechannel.com for more information.