Accessing the public internet

Public gateways and floating IP addresses

A public gateway enables a subnet and all its attached virtual server instances to connect to the internet. Subnets are private by default. After a subnet is attached to the public gateway, all instances in that subnet can connect to the internet. Although each zone has only one public gateway, the public gateway can be attached to multiple subnets.

Floating IP addresses are IP addresses that are provided by the system and are reachable from the public internet.

If you are an application provider from a technology vendor interested in becoming IBM Cloud for Financial Services Validated and want to enable outbound connectivity to the internet, then you will need to make sure you document the data flows and provide evidence that shows how any consumer data that might be leaving the boundary is secured. Similarly, for inbound connectivity, you will need to provide evidence demonstrating how your infrastructure cannot be compromised.

See External connectivity for more details on public gateways and floating IP addresses.

Related controls in IBM Cloud Framework for Financial Services

The following IBM Cloud Framework for Financial Services controls are most related to this guidance. However, in addition to following the guidance here, do your own due diligence to ensure you meet the requirements.

Next steps

• Working with virtual servers in VPC reference architecture