• Product

      Product

      Application Security Platform

      Use Cases

      Shift Left & DevSecOps Supply Chain Security Software Bill of Materials (SBOM) Container Runtime Security & Compliance Cloud Native Application Security
      What is Deepfactor and How Does It Work?
      4-Minute Video
      What is Deepfactor and How Does It Work? >
  • Pricing
    • Pricing Plans
  • Resources

      Resources

      All Resources Next-Gen AppSec Series Case Studies Demos Videos Glossary Webinars Whitepapers Workshops Latest Blogs Documentation
      Implement Effective Next-Gen Container Runtime Security in Kubernetes and Cloud Native Apps
      Whitepaper
      Implement Effective Next-Gen Container Runtime Security in Kubernetes and Cloud Native Apps >
  • Company
    • About
    • Leadership
    • Partners
    • News and Events
    • Careers
    • Contact Us
  • LOGIN
Cisco Logo Deepfactor is now part of Cisco | Learn more
Learn more
Deepfactor Logo
  • Product

      Product

      Use Cases

      Application Security Platform

      Use Cases

      Shift Left & DevSecOps Supply Chain Security Software Bill of Materials (SBOM) Container Runtime Security & Compliance Cloud Native Application Security
      What is Deepfactor and How Does It Work?
      4-Minute Video
      What is Deepfactor and How Does It Work? >
  • Pricing
    • Pricing Plans
  • Resources

      Resources

      All Resources Next-Gen AppSec Series Case Studies Demos Videos Glossary
      Webinars Whitepapers Workshops Latest Blogs Documentation
      Implement Effective Next-Gen Container Runtime Security in Kubernetes and Cloud Native Apps
      Whitepaper
      Implement Effective Next-Gen Container Runtime Security in Kubernetes and Cloud Native Apps >
  • Company
    • About
    • Leadership
    • Partners
    • News and Events
    • Careers
    • Contact Us
LOGIN
Deepfactor's Application Security Platform will no longer be offered for sale or renewal effective September 20, 2024.

Getting Started

  • QuickStart Guide
  • Install Deepfactor CLI
  • Deepfactor Support Matrix

Tutorials

  • SBOM & SCA
    • Artifact Releases
    • Deepfactor Scanner
    • Integrate Deepfactor scanner in your CI/CD pipelines
    • Scanning container images from private registries using Deepfactor CLI
    • Scan container images in K8s cluster
      • Scanning images from private registries in K8s cluster using Deepfactor
      • Scanning container images from private registries with basic authentication support in K8s
      • Scanning container images from private AWS Elastic Container Registry (ECR) in EKS on AWS Fargate
      • Scanning container images from private AWS Elastic Container Registry (ECR) in EKS on AWS EC2
  • Runtime Security
    • Introduction to Deepfactor Runtime Security
    • Deepfactor CLI Reference
    • Kubernetes workload
      • Run your Kubernetes workload with Deepfactor
      • Install Deepfactor Mutating Webhook
      • Configure Deepfactor Kubernetes admission webhook
      • Install Deepfactor K8s webhook on EKS Fargate
      • Selecting the pods you want to run with Deepfactor
      • Configuring application name, component name and component version in K8s webhook
      • Install Deepfactor mutating admission webhook using Argo CD
      • Install Deepfactor portal & webhook using Argo CD and vault
      • Use image pull secret for Runtime images
    • Containers/Other orchestration platforms
      • Run your Container Images with Deepfactor
      • Run containers in ECS with Deepfactor
    • Non-containerized workloads
      • Running non-containerized applications with Deepfactor

Deepfactor Platform

  • Introduction to Deepfactor
  • Alert Policies
  • Alert States and Triaging Flows
  • Deepfactor’s Correlation Capabilities
  • Organization and Teams
  • Role Based Access Control
  • Insights Knowledge Base
    • Privilege Separation and Privilege Dropping
    • Buffer Overflow Alerts
  • Knowledge Base
    • Deepfactor scan errors
    • K8s Webhook & Runtime Troubleshooting Guide
    • Tools for viewing CycloneDX and SPDX SBOMs
    • Graceful handling of pod restarts
    • Deepfactor telemetry events
    • Deepfactor Instrumentation Warning Messages
    • Best Practices for running your applications with Deepfactor in production environments
    • Golang Specific Notes
    • How to access Deepfactor Portal in different AWS subnet types
    • How the Deepfactor Management Portal Communicates With The Outside World
    • Language Specific Agents (LSA)
    • Mixed libc environments
    • Sensitive Information and Secrets in Process Environment Remediation
    • Running HAProxy with Deepfactor
    • Augmenting Alert Evidence with Runtime Stack Traces
  • FAQs
    • General FAQs
    • Open Source Disclosure

Integrations

  • Single Sign On (SSO) for authentication to Deepfactor
  • Integrate Jira with Deepfactor
  • Integrate Slack with Deepfactor
  • Okta
  • Deepfactor HTTPS webhook

Self managed Deepfactor portal

  • Deepfactor Portal architecture & deployment options
  • Install Self managed Deepfactor portal
    • Kubernetes Cluster
      • Prerequisites for deploying Deepfactor portal in Kubernetes Cluster
      • Deploying Deepfactor Portal in your Kubernetes Cluster
      • Install Deepfactor portal using Helm
      • Customizing Deepfactor portal deployment
        • Customizing your Deepfactor Portal Deployment in K8s
        • Deploy Deepfactor Portal With Resource Limits
        • Deploying Deepfactor Portal using external IP
        • Deepfactor Portal Installation with Existing Ingress Controller
    • AWS EC2
      • Prerequisites for installing Deepfactor Portal in AWS Cloud
      • Deploying Deepfactor on AWS using CFT
      • Install AWS Certificate Manager(ACM) certificate on Deepfactor portal EC2 instance
    • VMWare vSphere
      • Deepfactor Portal Proxy Configuration for OVA deployments
      • Prerequisites for deploying Deepfactor portal in VWware vSphere
      • Deploying Deepfactor on VMware vSphere
  • Manage Deepfactor Portal
    • Using Deepfactor APIs
    • Managing Users
    • Updating your Deepfactor Portal
    • Updating Deepfactor portal certificate
  • Deepfactor Portal Certificate
    • Generate certificate using cert-manager for Deepfactor portal
    • Create self-signed certificate for Deepfactor Portal on your K8s cluster
    • Create AWS Private CA Certificate for Deepfactor Portal on your K8s cluster
    • Create Let’s Encrypt certificate for Deepfactor Portal on your K8s cluster

Release Notes

  • Deepfactor Release Notes
  • Home
  • Docs
  • Deepfactor Platform
  • Knowledge Base

How to access Deepfactor Portal in different AWS subnet types

AWS gives you the flexibility of configuring your network as per your company’s security guidelines. In this article, we will explore some of the common types of network configurations and how to deploy and access the Deepfactor Portal in such network configurations.

Type of subnets #

In AWS you can setup different types of subnets, the most common being the following:

  1. Public Subnet
  2. Private Subnet

You can read more about how they behave and how you can set them up here: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html

Excerpt from the above article

The instances in the public subnet can send outbound traffic directly to the internet, whereas the instances in the private subnet can’t. Instead, the instances in the private subnet can access the internet by using a network address translation (NAT) gateway that resides in the public subnet.

Auto Assign Public IP #

For each subnet, AWS provides the option of auto assigning a public IP to the instance launched in that subnet.

You can read more about IP addressing in AWS VPC here: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html

Please note:

  1. The auto-assigned public IP come from a global pool and is subject change when the instance is restarted.
  2. Even if a public IP is assigned to an instance in the private subnet, it cannot be reached directly from the internet.
  3. If an instance in the public subnet is not assigned a public IP, it can be reached over its private IP using AWS VPN.

Accessing Deepfactor Portal for different configurations #

When you deploy Deepfactor Portal in your AWS environment using CFT, you are asked to specify the subnet and also a custom hostname for your portal. If you do not specify the custom hostname, the public-hostname of the EC2 instance is used. If public-hostname is not present (a public IP wasn’t assigned to the EC2 instance), then the private hostname is picked and if even that is not available, then the private IP address is used.

Note:

1. Deepfactor runtime, the piece that sits alongside your running application, that is responsible for sending telemetry to the Deepfactor portal uses this hostname to communicate with the portal. So, if you are planning to use an ELB in front of the Deepfactor Portal, please ensure you give the ELB hostname in this field so the runtime can connect to the portal through the ELB using HTTPS protocol.

2. If you provide a custom hostname, ensure that it can be resolved from your running application, so the Deepfactor runtime can connect to the portal and send telemetry.

Given below is a combination of different types of subnets and parameter values and how you can access the Deepfactor Portal in each scenario. CustomPortalHostName, PublicPortalUrl and PrivatePortalUrl can be found in the outputs section of the CFT stack creation screen.

Subnet Type EIP assigned Auto Assign Public IP Portal Hostname specified DNS entry required DNS points to VPN Required Access Portal using
Private x x Yes Yes Private IP Yes CustomPortalHostName
Private x x No No Yes PrivatePortalUrl
Public Yes x Yes Yes EIP No CustomPortalHostName
Public Yes x No No No PublicPortalUrl
Public No Yes Yes Yes Auto assigned public IP No PublicPortalUrl
Public No No Yes Yes Private IP Yes CustomPortalHostName
Public No Yes No No No PublicPortalUrl
Public No No No No Yes PrivatePortalUrl

 

Was this article helpful?
Still stuck? How can we help?

How can we help?

Updated on June 29, 2021
How the Deepfactor Management Portal Communicates With The Outside World

Powered by BetterDocs

Table of Contents
  • Type of subnets
  • Auto Assign Public IP
  • Accessing Deepfactor Portal for different configurations
Deepfactor Icon

Deepfactor is a next-gen application security platform, using static container scan data + runtime analysis to prioritize vulnerabilities to those representing true risk to a business—based on reachability, runtime usage, deployment context, and exploit maturity.

Product Pricing Resources Company Documentation Login

SUBSCRIBE TO OUR NEWSLETTER!

Sign Up
LinkedIn Icon YouTube Icon GitHub Icon Twitter Icon

© 2025 Deepfactor, Inc. All Rights Reserved.

Privacy Statement | Terms of Service | Open Source Disclosure