Updated on 2024-10-28 GMT+08:00

Overview

Scenario

As hybrid clouds become more common, companies increasingly need unified security management across on-cloud, off-cloud, and hybrid environments. HSS can connect to and manage third-party cloud servers and servers in on-premises IDCs. You can apply the same security policies on different clouds, which prevents the risks caused by inconsistent security policies.

If your server cannot access the Internet, use this solution to connect it to HSS through Direct Connect and VPC Endpoint for protection and management. If your server can access the Internet, connect it to HSS by referring to Installing the Agent for a Third-Party Server.

Architecture

Third-party servers communicate with VPCs on the cloud through Direct Connect, and then connect to HSS through a VPC endpoint, as shown in Figure 1.

  • Direct Connect establishes a dedicated network connection between your on-premises data center and a Huawei Cloud VPC that features high speed, low latency, stability, and security. With Direct Connect, you can make full use of legacy IT facilities and leverage cloud services to build a flexible, scalable hybrid cloud compute environment.
  • VPC Endpoint enables you to access Huawei Cloud services or your own private services securely. It provides flexible networking without having to use EIPs.
Figure 1 Connecting third-party servers to HSS through Direct Connect and VPC endpoint

Advantages

Compared with the Third-Party Servers Accessing HSS Through a Direct Connect and Proxy Servers solution, this solution does not require creating a proxy server or configuring Nginx, simplifying operations and reducing costs.

Limitations and Constraints

Currently, third-party servers can access HSS through Direct Connect and VPC endpoint only in the CN East 2 and Southwest-Guiyang 1 regions.