About the VRA

Firewall

To protect your environment from external threats, the IBM Cloud® Virtual Router Appliance can be used as a firewall. You can add firewall rules to allow or deny inbound or outbound network traffic to the ports on which your application runs, and you can filter the traffic within your own networks. The IBM Cloud® Virtual Router Appliance also can be configured to perform stateful IPv4 and IPv6 filtering to protect your critical data.

Virtual Private Network (VPN) gateway

Connect your onsite data center or office to the IBM Cloud with VPN tunneling by provisioning your IBM Cloud® Virtual Router Appliance as a network gateway device. You can use an IPsec site-to-site VPN tunnel for secure communication to your IBM Cloud network. Other VPN options are; Remote access IPsec VPN (client-to-site), OpenVPN, GRE, L2TP, and DMVPN.

Have a look at the Brocade VPN configurations guides in the Supplemental VRA documentation section.

Network Address Translation (NAT)

With the IBM Cloud® Virtual Router Appliance, you can provision application and database servers without public network interfaces while still allowing your servers to access the internet by using Source NAT. You can also hide your servers behind the gateway device with Destination NAT for enhanced security.

Enterprise-grade routing

For multi-tiered applications on different isolated networks, the IBM Cloud® Virtual Router Appliance gives you flexible ways to build connectivity between these networks. You can set up dynamic routing by using BGP to announce your own public IP space on the IBM Cloud routers. BGP also offers more flexibility for custom private network configurations when using various tunnels and Direct Link solutions.

Have a look at the Brocade BGP configurations guides in the Supplemental VRA documentation section.