Overview
Welcome to this custom, pre-configured NAT-Gateway appliance built on the Cohesive Networks VNS3 Platform that provides comparable functionality and performance but at a lower price to the cloud platform NAT Gateways.
NO DATA TAXES! There is no additional "taxation" for your data to pass through the NATe device - except for standard cloud traffic charges.
What is included? This device includes firewall functions allowing outbound source and port NAT-ing and can limit outbound NAT to specific ports or destination addresses. Additionally, plugins can be used to provide outbound WAF or outbound URL filtering to a small "allow list" or via connection to a URL filtering service like Webroot's BrightCloud offering.
This configuration DOES NOT include multi-cloud, site-to-site connectivity, or a number of other capabilities provided by the VNS3 Application Security Controller.
NOTE: All VNS3 controllers regardless of SKU (including this edition) can be live upgraded to provide any capabilities your cloud use-case requires.
How do I connect? Run this instance in its own subnet with its own Route Table. In the route table for the NATe instance - set a 0.0.0.0/0 route to the VPC's Internet gateway. For other instances to use NATe as the NAT Gateway, their routing table should have a 0.0.0.0/0 route pointing to the NATe instance/network interface.
Highlights
- Function as outbound NAT-Gateway using inexpensive instance types for most use-cases (No Throughput Limitation).
- Firewall can be configured for secure inbound NAT using port redirection.
- Allows one remote VPN user connection for secure remote admin.
Details
Typical total price
$0.014/hour
Pricing
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
|---|---|---|---|
t2.nano | $0.005 | $0.006 | $0.011 |
t2.micro AWS Free Tier | $0.005 | $0.012 | $0.017 |
t2.small | $0.005 | $0.023 | $0.028 |
t2.medium | $0.005 | $0.046 | $0.051 |
t2.large | $0.005 | $0.093 | $0.098 |
t2.xlarge | $0.005 | $0.186 | $0.191 |
t2.2xlarge | $0.005 | $0.371 | $0.376 |
t3.nano | $0.005 | $0.005 | $0.01 |
t3.micro AWS Free Tier | $0.005 | $0.01 | $0.015 |
t3.small | $0.005 | $0.021 | $0.026 |
Additional AWS infrastructure costs
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
VNS3 versions 6.2.9 and 6.6.8 are now available with critical security updates. These releases address vulnerabilities discovered through Trend Micro's Zero Day Initiative program and include important system upgrades. The underlying OS has been updated incorporating security patches for various libraries and components. Specific fixes address ZDI-CAN-24160, ZDI-CAN-24176, ZDI-CAN-24177, and ZDI-CAN-24178, resolving issues where improperly parsed input could potentially allow for remote code execution (require access to port 8000 to be exploited). We've also enhanced our API and UI parsing code to improve security further. While VNS3 instances with TCP port 8000 locked down are not vulnerable to outside attacks, we strongly recommend all customers upgrade to these latest versions for optimal security.
For more information, see the VNS3 Release Notes - https://docs.cohesive.net/docs/vns3/release-notes/ .
Cohesive Networks support staff is available to help with your deployment or upgrade. Create a ticket on our support system (http://support.cohesive.net ) for assistance.
Additional details
Usage instructions
Usages Instructions:
- Launch the instance in its own public VPC subnet.
- Create a specific Route Table associated with the VPC subnet and create a 0.0.0.0/0 destination route with the target of the VPC's Internet gateway.
- Launch the VNS3 NATe Free instance in the VPC subnet created in step one using its own Security Group
- Configure the VNS3 NATe security group to allow inbound traffic from any subnet address range that will be using the NATe instance as the NAT Gateway.
- Disable the VNS3 NATe source/destination check.
- Once the instance is running, access the UI via browser at https://<public_dns>:8000 with vnscubed as the username and the instance id as the password (See Configuration Document).
- Set up other VPC subnets to use the NATe instance as the NAT Gateway by updating those associated Route Tables with 0.0.0.0/0 destination routes with a target of the NATe instance-id/network interface id.
Resources
Vendor resources
Support
Vendor support
Standard email support included support@cohesive.net
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
