A Private Wireless Gateway (PWG) is a tool available via the Telnyx portal and APIs that allows you to deploy physical devices, like an IoT device or a handset, to the edge of your corporate network in a highly secure and accessible manner.
This means that you can treat these physical devices similar to any other device that's connected to your corporate network, like a virtual machine in the cloud or a router in your data center.
This is relevant from a security standpoint because your devices are no longer directly connected to the public internet. While the public internet does not lower the quality of communications from IoT devices, it does make them more vulnerable. Security is the most important obstacle to overcome for any IoT deployment, and huge fleets of SIMs deployed onto the public internet are a major attack vector for bad actors.
Furthermore, because devices connected via a Private Wireless Gateway sit inside your own private IP address space, they are directly accessible. This means that you have more control, as all traffic to and from your SIM can now be passed through your own firewall or data loss prevention (DLP) platform.
Private Wireless Gateways are a dedicated piece of infrastructure that you can create via the Telnyx API or portal to ensure that the request flow of your data is entirely siloed from all other customers. PWGs connect to a virtual routing and forwarding (VRF) defined network on top of our MPLS backbone, which allows the SIM to connect directly to a variety of network interfaces. You can think of the VRF-defined network as a sliver of Telnyx's private IP network.
Virtual Cross Connects (VXC) or Wireguard Interface (Cloud VPNs) can also be connected to your VRF-defined network on top of our MPLS backbone to your corporate network and cloud infrastructure. All interfaces on the same VRF-defined network can see each other allowing traffic to flow from PWGs to Cloud VPNs and/or VXCs which bridge the Telnyx network to your corporate network.
In an upcoming feature release, Public Internet Gateways will enable public internet access on SIMs connected to your VRF-defined network.
The diagram below illustrates how these components fit together to deploy devices to the edge of your corporate network:
Private Wireless Gateways can be managed in the Wireless section of the Mission Control Portal.
Each Private Wireless Gateway must be associated with a Network. Networks can be created and managed in the Networking section of the Portal.
To create a private Wireless Gateway select the Create PWG button, enter the name of your PWG and associate it with one of your Networks.
Private Wireless Gateways are currently only available in Ashburn, VA. Adding more regions will empower you to create a PWG within close proximity to your SIM deployments reducing latency when egressing to both the internet and your corporate network. More regions will be released for this feature soon.
By default, a PWG will get assigned a private IP range of 100.64.199.0/24, allowing you to add 254 concurrently active SIMs to this gateway. The ability to customize this IP range is coming soon.
By default, a Private Wireless Gateway does not have any access to the internet. Opening your VRF-defined network out to the internet can be done manually at the moment. Just reach out to our support team using the chat function in the Mission Control Portal. In the future, another interface called a Public Internet Gateway can be added to your Network, opening it out to the public internet. Stay tuned for these exciting updates!