Skip to main content Skip to complementary content

Qlik Data Gateway - Direct Access overview

Businesses commonly enforce strict firewall policies that block external access to their data sources. This presents a challenge when such businesses need to access their data from the cloud for analytics. Qlik Data Gateway - Direct Access overcomes this challenge by eliminating the need to open inbound firewall ports. Operating behind your organization’s firewall, the Direct Access gateway allows Qlik Sense SaaS applications to securely access behind-the-firewall data, over a strictly outbound, encrypted, and mutually authenticated connection.

Information noteThe Direct Access gateway documentation always reflects the capabilities of the latest application version. If you’re not using the latest version, your system administrator is encouraged to upgrade immediately. For more information, see Qlik Data Gateway - Direct Access version history.
Qlik Cloud Government noteQlik Cloud Government supports using Qlik Data Gateway - Direct Access when the Windows platform where Qlik Data Gateway - Direct Access is installed is configured to run in a FIPS 140-2 approved mode of operation, also known as "FIPS mode". For more information, see System cryptography.

Qlik Data Gateway - Direct Access architecture

Direct Access Gateway architecture diagram

The high-level communication sequence is as follows:

  1. The Direct Access gateway establishes a mutually authenticated and encrypted connection to Qlik Cloud, using HTTPS.

  2. Qlik Cloud sends a load statement (query) to the Direct Access gateway.

  3. The Direct Access gateway relays the query to the relevant data source.

  4. The data is then pushed (streamed) directly from the data source to Qlik Cloud over WSS.

Information noteData is always in transit and never physically resides on the Direct Access gateway server. A unique key-pair is established for each Direct Access gateway server connected to the Qlik Cloud tenant. This key pair is used for authentication and for end-to-end data encryption on top of the HTTPS transport level encryption.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!