The Carbon Black Sensor Gateway in an on-prem component that acts as a bridge for all inbound and outbound communication between the Carbon Black sensors deployed on your workloads and the Carbon Black Cloud.
You host the Sensor Gateway on a Linux machine as a container image. Therefore, the Linux server must have a container running capability.
- When you operate a tightly controlled environment and want to ensure that your workloads are secure and not directly exposed to the Internet traffic.
- To remove the burden of owning, managing, and budgeting for additional proxy servers.
- When you have network environments where sensor communication with the Carbon Black Cloud is not possible due to corporate policy or compliance requirements.
The Sensor Gateway has a registration mechanism, which allows for communication only when registered with Carbon Black Cloud. It uses the API key mechanism to ensure no rogue Sensor Gateway servers can start communication with the Cloud.
The Sensor Gateway is reliable and highly available. You can deploy more than one Sensor Gateway servers and configure them in an HA mode (manually) to handle the traffic at an acceptable latency. If a Sensor Gateway server fails due to connection or resource threshold, you can spin up another Sensor Gateway instance to take over in managing the connections.
The Carbon Black Cloud console triggers notifications for Sensor Gateway server failure conditions, such as reaching maximum connections or resource capacity, or if the Sensor Gateway is down.
High Level Installation Workflow
The following diagram depicts the steps for installing and configuring various components in your system so the sensors can communicate with Carbon Black Cloud through the Sensor Gateway.