A centralized internet gateway is a network design that routes all internet-bound traffic from the on-

premises infrastructure through a single point of egress, typically located at the data center or a

regional hub1. This approach allows the enterprise to apply consistent security policies and access

controls for SaaS applications, as well as optimize the bandwidth utilization and performance of the

WAN links2. A centralized internet gateway can use various technologies to provide connectivity to

SaaS applications, such as proxy servers, firewalls, web filters, and WAN optimizers3. However, a

cloud-based proxy server (option A) is not a part of the centralized internet gateway, but rather a

separate service that can be used to route traffic from the on-premises infrastructure to the SaaS

provider data center4. VPN connections (option C) and dedicated, private connections (option D) are

also not related to the centralized internet gateway, but rather alternative ways of providing secure

and reliable access to SaaS applications from the on-premises infrastructure5. Therefore, the correct

answer

is

option

B,

which

describes

the

basic

function

of

a

centralized

internet

gateway. Reference := 1: Designing and Implementing Cloud Connectivity (ENCC) v1.0, Module 1:

Cloud Connectivity Overview, Lesson 1: Cloud Connectivity Concepts, Topic: Centralized Internet

Gateway 2: Cloud OnRamp for SaaS, Cisco IOS XE Catalyst SD-WAN Release 17.3.1a and Later, Topic:

Centralized Internet Gateway 3: Architect and optimize your internet traffic with Azure routing

preference, Microsoft Azure Blog, Topic: Routing via the premium Microsoft global network 4: What

is SaaS? Software as a Service, Microsoft Azure, Topic: How SaaS works 5: How an application

gateway works, Microsoft Learn, Topic: Application gateway components