Skip to main content

Key Terms

In this section:

We have updated some of the terminology associated with CloudConnexa. Please read to understand the CloudConnexa ecosystem.

CloudConnexa Device Identity Verification & Enforcement (DIVE) is a Wide-area Private Cloud (WPC) security policy that strengthens your Network and Host security posture and reduces your attack surface by locking digital certificates (contained within the .ovpn Profile) to specific devices, allowing only authorized devices to connect to your WPC.

What is it? CloudConnexa is a secure, reliable, multi-tenant, virtualized Network-as-a-service (NaaS) that provides the foundation for evolving security initiatives like ZTNA and SASE. Since it is a multi-tenant service, when you signup for the service, CloudConnexa creates a virtually dedicated worldwide private Network exclusively for your use. This virtual Network is called […]

When traffic is split between the WPC interface and other interfaces, split tunneling is said to be in use. When split tunneling is not in use, all traffic uses the WPC interface, which includes internet traffic.

OpenVPN Connect Auth is the authentication policy that can be enforced during the WPC connection attempts by Users belonging to a specific group.

The use of split tunneling is based on the configuration of the Internet Access setting for Networks, Hosts, and User Groups. An Administrator should set this based on the desired handling of internet traffic. For example, internet traffic can enter the WPC and exit out of a connected Network acting as a Internet Gateway.

CloudConnexa does not provide direct egress of Internet traffic. Any traffic to the Internet that enters the WPC needs to exit out of a customer’s Network. A Network can be configured as an exit point for internet traffic by turning the Internet Gateway setting ON.

A Host represents a server running on the customer’s private Network that the WPC is directly extended to by running a Connector on the same computing instance as the server.

An Access Group defines a specific access control configuration by specifying the access relationship between sources (i.e. who?) and destinations (i.e. what?).

Device allowance is the default value for all User Groups that limits the number of Devices each User can use to connect to the WPC. This value can be changed per User Group if an Administrator wants to grant a specific set of Users the ability to use more or fewer Devices.

This configuration option provides control over the means of distribution of the Profile to your WPC Users. If Manual distribution is selected, Users need to receive the Profile from an Administrator for each User Device and import the Profile themselves.

This configuration option provides control over the means of distribution of the Profile to Users of the WPC. If automatic distribution is selected, Users can retrieve profiles using credentials and manager their Devices.

A Connector WPC subnet is the range of IPv4 address and IPv6 addresses from which IP addresses are assigned to Connector clients, which provides OpenVPN Connectivity to Networks and Hosts.

A User WPC subnet is the range of IPv4 addresses and IPv6 addresses from which IP addresses are assigned to User Devices.

An Administrator can configure one of the CloudConnexa WPC regions as the default Region for any new User Groups and Connectors.

An Administrator can configure your WPC to use different public or private DNS servers instead of the default DNS servers provided by CloudConnexa.

WPC topology determines whether access controls are in use or not. When set to Custom, your configured services and Access Groups become active.

When your WPC topology is set to Full-Mesh, there is unrestricted access between all Users, Networks, and Hosts.

A CloudConnexa User Group allows a set of Users to share common settings, such as WPC regions, authentication methods, and so on.

A Connector is a special type of CloudConnexa Device whose primary function is to provide OpenVPN Connectivity to a private Network subnet or private application server.

A Network represents your organization's site, either on-premises or cloud-based. An Administrator configures a Network if that Network is to be part of the WPC in order to provide Site-to-Site access or Remote Access.

A CloudConnexa Profile is a configuration file that provides the necessary digital certificates and configuration details to connect to a CloudConnexa Region.

A Device is a computing entity (e.g. desktop, smartphone, IoT connected Device) that has an OpenVPN client installed for access to a WPC.

An Administrator is a special type of CloudConnexa User that has been granted permission to manage all aspects of the WPC.

A CloudConnexa User is an entity that is provisioned by an Administrator to authorize access to the WPC.

A Region is the geographic area that serves as a CloudConnexa point of presence.