Completing your environment connectivity
Complete your network connectivity in your application by setting up direct networking connections and other network engineering tasks to ensure that users in your organization can access applications and integration services deployed in Pega Cloud Services through a secure Internet connection.
Setting up direct connections
Pega Cloud Services supports the following connectivity methods:
- Internet only
- Internet plus private connection
- Private connection only
For more information, see Pega Cloud Services Networking.
Pega Cloud Services recognizes this variety, and supports the following private networking methodologies of network connectivity to your Pega Cloud Services environments:
- AWS Direct Connect
- Virtual Private Cloud (VPC) Peering Connections
The VPN connection securely connects your existing network to your Pega Cloud Services environment through an IPSec VPN connection. For more information, see Pega Cloud VPN service.
For a VPN alternative, Pega Cloud Services supports the Amazon Web Services (AWS) Direct Connect service between your Pega Cloud Services virtual spaces and your physical infrastructure. For more information, see Configuring Amazon Web Services (AWS) Direct Connect in your Pega Cloud Services virtual private cloud.
Pega also supports using a virtual private cloud (VPC) peering connection to access your systems of record or transfer data between your Pega Cloud Services VPC and your Amazon VPC. VPC peering is a virtual connection within the AWS architecture that enables one-to-one networking connections between VPCs within the same region. For more information, see Requesting a virtual private cloud (VPC) peering connection.
Adding IP Addresses to an allow list
Most clients whose Pega Cloud Services applications are private (i.e., not accessible through an open Internet connection) will use a VPN connection between their network and their PCS environments, to provide a secure conection. Your users must have access through the VPN in order to use the PCS applications.
Occasionally, there will be an exception you may wish to make to allow a trusted user to access your VPC without going through the VPN. The IP addresses for these trusted users can be placed on an allow list. IP addresses on an allow list permit you to create a list of trusted IP addresses or ranges from which your users can access your domains publicly or privately without using a VPN connection.
To set up an allow list for your IP addresses, your Cloud Security Contact must approve this action; they should enter an SR, which will then be reviewed and approved by the Pega security team. For best security, only a small number of IP addresses should be added to an allow list. For more information, see Configuring public access between your Pega Cloud environment and your enterprise network.
Secure File Transfer Protocol (SFTP)
The Pega Cloud Services SFTP Service provides Pega Cloud Services clients with simple, secure file transfers to and from their Pega Cloud applications.If you have licensed the Pega Marketing application, SFTP is provisioned by default. If you are not using Pega Marketing, but still wish to use SFTP, you may purchase this service.
For more information on SFTP, please see Pega Cloud Services SFTP Service.