Applications and IP Services

What is it?

Applications

Applications are defined as domain name addressable resources (for example, www.openvpn.net, privateweb.company.local) that can provide access to internet applications and are accessible by OpenVPN Cloud Networks or Hosts (for example, public and private websites, and SaaS apps). Access to Applications can be defined by Application Types which include protocols, and/or ports. Granular access controls are controlled from the Settings portal, which can be set to Full Mesh (everyone can access) or Custom topology – if set to Custom, Access > Groups must be configured to grant access between Sources (e.g. Network or Host Applications) and Destinations (e.g. User Group).

IP Services

IP Services are defined as access to specific IP address ranges. Access to IP Services is defined by Routes. A Route must be configured to make an IP addressable service accessible from a Network (for public IP addresses or subnets accessible from a Network, or private IP addresses or subnets that are a part of your Network). IP Services can be configured to provide further access granularity. Granular access controls are controlled from the Settings portal, which can be set to Full Mesh (everyone can access) or Custom topology – if set to Custom, Access > Groups must be configured to grant access between Sources (e.g. Network or Host Applications) and Destinations (e.g. User Group).

Who should use this?

An Administrator can configure Applications or IP Services under previously defined Networks and Hosts or create new Applications and IP Services for new Networks and Hosts.

For access controls and services to be active, the VPN topology needs to be set to Custom and proper Access Groups need to be configured.

Why should I use this?

Applications and IP Services provide a means to apply granular access controls.

Show me how to configure it:

When should I make use of this?

For example, if you want to restrict remote contractors to only allowing access to the time-keeping and work-order web services, you would define those two services under the network that hosts those application servers and provide access to those services only to the User Group that those contractors are members of.