Qlik Data Gateway - Data Movement overview
Connecting to data sources located behind your firewall must be done using Qlik Data Gateway - Data Movement.
Operating behind your organization’s firewall, Qlik Data Gateway - Data Movement allows you to move data from your enterprise data sources to cloud targets, over a strictly outbound, encrypted and mutually authenticated connection. By eliminating the need to open inbound firewall ports, Qlik Data Gateway - Data Movement provides a secure and trusted means for accessing your enterprise data.
Qlik Cloud Government supports using Qlik Data Gateway - Data Movement when the Linux platform where Qlik Data Gateway - Data Movement is installed is configured to run in a FIPS 140-2 approved mode of operation, also known as "FIPS mode".
Security
A unique key-pair is established for each Data Movement gateway server connected to the Qlik Cloud tenant. This key pair is used for authentication and for end-to-end data encryption on top of the HTTPS transport level encryption. Additionally, as communication with Qlik Cloud and data transfer is initiated via outbound ports only, you do not need to open any inbound ports to your corporate network.
Data Movement gateway architecture
Qlik Data Gateway - Data Movement Architecture
The high-level communication sequence is as follows:
-
The Data Movement gateway establishes a mutually authenticated and encrypted connection to Qlik Cloud, using HTTPS.
-
Qlik Cloud sends the landing task execution instructions to the Data Movement gateway, which in turn reports the task status to Qlik Cloud.
-
The Data Movement gateway pushes the data from the enterprise data source to the data warehouse target.