Evaluates whether a VPN Gateway has two vSwitches configured across zones to ensure cross-zone high availability. A VPN Gateway with two vSwitches configured is considered compliant.
Scenarios
By configuring two vSwitches in multiple zones for a VPN Gateway, an enterprise achieves cross-zone high availability, ensuring stable and secure remote connections even if one zone fails. This configuration is considered compliant.
Risk level
Default risk level: high.
You can change the risk level as needed.
Detection logic
Checks whether two vSwitches are configured for the VPN Gateway to ensure cross-zone high availability. A VPN Gateway with two vSwitches configured is considered compliant.
Rule details
|
Parameter |
Description |
|
Rule name |
Using multi-zone VPN Gateway |
|
Rule identifier |
|
|
Automatic remediation |
Not supported |
|
Rule trigger |
Configuration change |
|
Supported resource types |
ACS::VPN::VpnGateway |
|
Input parameters |
None |
Remediation guidance
For more information, see Create and manage VPN Gateway instances.