Prerequisites and System Requirements

To deploy the Ivanti Connect Secure Virtual Appliance on GCP, you need the following:

Google Cloud Platform account

Access to the GCP portal (https://cloud.google.com/ )*

Ivanti Connect Secure Virtual Appliance Image

Ivanti Connect Secure licenses **

Ensure that you have enough IP address in your region

Ensure that you have already created VPC network for each interface, as this is required while you deploy VM instances.

Before you begin

Before you start, make sure you have the following information and files:

An identifying name for the ICS Gateway.

The Gateway geographic location.

The ICS Gateway GCP virtual machine image: https://pulsezta.blob.core.windows.net/gateway/nsa/<package name>.tar.gz

Download a copy of the GCP Gateway image as a compressed TAR archive file, then decompress the archive to a local workstation. Make sure that the resulting file set is accessible from the Google Cloud Platform Console.

(Optional) GCP Gateway YAML templates, suitable for automating the creation of your GCP VM instances. Choose from:

To deploy in an existing VPC:

https://pulsezta.blob.core.windows.net/gateway/nsa/templates/GCP<package name>/ivanti-ics-2-nics-existing-vpc.zip

https://pulsezta.blob.core.windows.net/gateway/nsa/templates/GCP/<package name>/ivanti-ics-3-nics-existing-vpc.zip

To deploy in new VPC:

https://pulsezta.blob.core.windows.net/gateway/nsa/templates/GCP/<package name>/ivanti-ics-2-nics-new-vpc.zip

https://pulsezta.blob.core.windows.net/gateway/nsa/templates/GCP/<package name>/ivanti-ics-3-nics-new-vpc.zip

Credentials for the Google Cloud Platform Console.

These credentials must include sufficient permissions to create a virtual machine from a template image.

Additionally, to manually specify GCP Gateway network interface settings:

The primary (and optional secondary) DNS server IP address, and search domain.

The required internal/private subnetworks must already be defined on Google Cloud Platform, including firewall settings. All required firewall settings for this interface are shown below.

Refer to the Google Cloud Platform documentation for details.

The required external/public subnetworks must already be defined on Google Cloud Platform, including firewall settings. All required firewall settings for this interface are shown below.

Refer to the Google Cloud Platform documentation for details.

(Optional) Any required management subnetwork must already be defined on Google Cloud Platform, including firewall settings. All required firewall settings for this interface are shown below.

Refer to the Google Cloud Platform documentation for details.