Applications and IP Services

Applications are defined as domain name addressable resources (for example, www.openvpn.net, privateweb.company.local, that can provide access to internet applications and are accessible by CloudConnexa Networks or Hosts (for example, public and private websites, and SaaS apps). Access to Applications can be defined by Application Types which include protocols, and/or ports. Granular access controls are controlled from the Settings portal, which can be set to Full Mesh (everyone can access) or Custom topology – if set to Custom, Access > Groups must be configured to grant access between Sources (e.g. Network or Host Applications) and Destinations (e.g. User Group).

IP Services is defined as access to specific IP address ranges. Access to IP Services is defined by Routes. A Route must be configured to make an IP addressable service accessible from a Network (for public IP addresses or subnets accessible from a Network, or private IP addresses or subnets that are a part of your Network). IP Services can be configured to provide further access granularity. Granular access controls are controlled from the Settings portal, which can be set to Full Mesh (everyone can access) or Custom topology – if set to Custom, Access > Groups must be configured to grant access between Sources (e.g. Network or Host Applications) and Destinations (e.g. User Group).

An Administrator can configure Applications or IP Services under previously defined Networks and Hosts or create new Applications and IP Services for new Networks and Hosts.

For access controls and services to be active, the VPN topology needs to be set to Custom and proper Access Groups need to be configured.

Applications and IP Services provide a means to apply granular access controls.

For example, if you want to restrict remote contractors to only allowing access to the time-keeping and work-order web services, you would define those two services under the network that hosts those application servers and provide access to those services only to the User Group that those contractors are members of.