Completing your environment connectivity
Setting up direct connections
Organizations can manage their internal and customer networks in a variety of standard ways. You have access to applications and integration services deployed in the VPC through a secure Internet connection. Pega Cloud supports the following connectivity methods:
- Internet only
- Internet plus private connection
- Private connection only
For more information, see Pega Cloud Services Networking.
Pega Cloud recognizes this variety, and supports the following private networking methodologies of network connectivity to your Pega Cloud environments:
- AWS Direct Connect
- Virtual Private Cloud (VPC) Peering Connections
The VPN connection securely connects your existing network to your PCS environment through an IPSec VPN connection. For more information, see the Pega Cloud VPN service article.
For a VPN alternative, Pega Cloud Services supports the Amazon Web Services (AWS) Direct Connect service between your PCS virtual private cloud (VPC) and your physical infrastructure. For more information, see Configuring Amazon Web Services (AWS) Direct Connect in your Pega Cloud Services virtual private cloud.
Pega also supports using a virtual private cloud (VPC) peering connection to access your systems of record or transfer data between your Pega Cloud Services VPC and your Amazon VPC. VPC peering is a virtual connection within the AWS architecture that enables one-to-one networking connections between VPCs within the same region. For more information, see Requesting a virtual private cloud (VPC) peering connection.
Adding IP Addresses to an allow list
Most clients whose Pega Cloud Services applications are private (i.e., not accessible through an open Internet connection) will use a VPN connection between their network and their PCS environments, to provide a secure connection. Your users must have access through the VPN in order to use the PCS applications.
Occasionally, there will be an exception you may wish to make to allow a trusted user to access your VPC without going through the VPN. The IP addresses for these trusted users can be placed on an allow list. IP addresses on an allow list permit you to create a list of trusted IP addresses or ranges from which your users can access your domains publicly or privately without using a VPN connection.
To set up an allow list for your IP addresses, your Cloud Security Contact must approve this action; they should enter an SR, which will then be reviewed and approved by the Pega security team. For best security, only a small number of IP addresses should be added to an allow list. For more information, see Configuring public access between your Pega Cloud environment and your enterprise network.
Secure File Transfer Protocol (SFTP)
The Pega Cloud Services SFTP Service provides Pega Cloud Services clients with simple, secure file transfers to and from their Pega Cloud applications.If you have licensed the Pega Marketing application, SFTP is provisioned by default. If you are not using Pega Marketing, but still wish to use SFTP, you may purchase this service.
For more information on SFTP, please see Pega Cloud Services SFTP Service.