Popular Use Cases

Overview of OpenVPN Cloud and its Benefits

OpenVPN Cloud vertically integrates essential network security functions — firewall-as-a-service (FWaaS), intrusion detection and prevention systems (IDS/IPS), DNS-based content filtering, and zero-trust network access (ZTNA) — with multi-tenant network virtualization and advanced routing technologies to create an on-demand secure private overlay network for businesses of any size.

A key benefit of this secure overlay network is that it provides access to private business applications hosted in multiple on-premises and virtual private cloud networks using application domain names (e.g., app.mycompany.com) alone. Additionally, combining a secure private overlay network and application name-based routing benefits a business by:

• Lowering the amount of data networking expertise needed by eliminating the complexity of routing by IP addresses and private IP address space management

• Expanding access to all types of applications, not just web applications, with support for all TCP and UDP application protocols

• Enabling networking of private networks, even if IP address subnet ranges conflict due to overlap

• Providing access from one network to applications hosted in another network instead of creating a full-access site-to-site connection between those networks

• Using ZTNA principles with policies based on the identity of the entity to provide needed applications access and application-based network segmentation to prevent lateral movement;

• Securing SaaS application access by tunneling traffic to those application domain names to a customer-owned internet gateway while allowing other internet traffic to use local direct internet access

• Providing the flexibility to tunnel all internet traffic from connected entities to one or more customer-owned internet gateways for applying corporate internet access security policies or restricting internet access to designated trusted destinations

• Securing and routing traffic to specialized applications from unattended connected devices such as points of service (POS) terminals and other IoT devices

• Delivering value-added protection from cyber threats, as well as cost savings, with built-in essential network security functions that eliminate the need to purchase and maintain additional security appliances

OpenVPN Cloud capabilities are delivered as a Service (aaS) from more than 30 worldwide points of presence (PoP) that provide businesses with fast, on-demand connectivity— without the need to acquire and manage complex networking gear. Businesses connect to these PoPs by running Connector software on 1) their application servers, 2) on lightweight virtual machines on their networks, or, 3) by using OpenVPN protocol compatible routers to make applications part of the overlay network. The company’s workforce can then access these applications by installing the Connect application on devices and connecting to the closest PoP.

OpenVPN Cloud separates the data plane, which includes functions such as data forwarding, encryption, security, and policy enforcement, from the control plane. The data plane functions are operated entirely by kernel-optimized software on bare-metal servers in the PoPs for high performance. The control plane runs on the Cloud using the latest cloud-native technologies to carry out policy management, event collection, and other configuration and authentication functions at a high scale. For maximum route diversity and low latency, the worldwide PoPs connect to each other using full-mesh topology over high-speed internet access.