Reference Architectures for the Access Gate.
A library of validated network topologies for deploying the Trout Access Gate in real environments. Each architecture covers base topology, traffic flows, and key configuration points.
Single Gateway Architecture.
Deploy the Access Gate alongside your existing gateway (Firewall & Router). Add zero-trust enforcement without modifying your current perimeter.
View Architecture
Double Gateway IT & OT. Defense In-Depth.
Extend protection into both IT and OT domains using two coverage modes. Granular traffic control for north-south and east-west flows.
View Architecture
Multi-Site. Distributed Deployments
Connect multiple facilities over secure tunnels. Extend enclaves between sites automatically.
View Architecture
Built for Real Industrial Networks.
Every architecture is designed around the constraints of operational environments. No downtime, no agents, no redesign.
Overlay-Based Deployment
All architectures use overlay networking to add zero-trust controls on top of your existing physical infrastructure. No VLAN restructuring, no re-cabling.
Traffic Flow Coverage
Each architecture documents north-south (VPN ingress) and east-west (lateral) flows — so you know exactly how traffic moves and where enforcement happens.
Incremental Adoption
Start with OT-only coverage and extend to IT. Or deploy single-site and expand to multi-site. Each architecture is a stepping stone, not a full replacement.
Multi-Site Ready
The multi-site architecture shows how enclaves extend across WAN links — giving you unified policy and visibility without a central cloud dependency.
Configuration Guidance
Every diagram includes key configuration points: what to connect, how to route traffic, and which policies to apply at the Access Gate level.
