Accessing the public internet
The IBM Cloud Framework for Financial Services does not recommend connecting to hosts on the public internet nor accepting connections from the public internet. When it is necessary to do so, you need to use either public gateways or floating IP addresses.
Public gateways and floating IP addresses
A public gateway enables a subnet and all its attached virtual server instances to connect to the internet. Subnets are private by default. After a subnet is attached to the public gateway, all instances in that subnet can connect to the internet. Although each zone has only one public gateway, the public gateway can be attached to multiple subnets.
Floating IP addresses are IP addresses that are provided by the system and are reachable from the public internet.
If you are an application provider from a technology vendor interested in becoming IBM Cloud for Financial Services Validated and want to enable outbound connectivity to the internet, then you will need to make sure you document the data flows and provide evidence that shows how any consumer data that might be leaving the boundary is secured. Similarly, for inbound connectivity, you will need to provide evidence demonstrating how your infrastructure cannot be compromised.
See External connectivity for more details on public gateways and floating IP addresses.