Maximize ZTNA, Minimize Attack Surface

Build ZTNA by defining access control policies for users, context, and devices.

Hidden Apps + User Identity + Client UUID = Attack Surface Minimized

Device Identity Verification & Enforcement (DIVE) minimizes your network attack surface, and gives Admins full visibility into devices used, by limiting authenticated user access to trusted devices with unique digital identities.


We make Least Privilege easier than ever.

DIVE gives Owners and Administrators the power to leverage one of the key principles of ZTNA – Least Privilege – granting access only to resources a user should have, from only the devices they’re authorized to use.

  • Block Unauthorized Devices

    DIVE establishes a 1:1 relationship between a Cloud Connexa Profile and Device, establishing a trusted connection and only allowing authorized devices to connect to the Wide-Area Private Cloud (WPC).

  • Flexible Learn and Enforce Mode

    Enable Learn and Enforce mode for Automatic Profile distribution to communicate UUID to Cloud Connexa during connection. Manual Profile distribution requires Owner/Admin to provide UUID.

  • Enhance ZTNA

    DIVE boosts the ZTNA essentials Cloud Connexa already provides — hiding your applications from public view, and using digital certificates for users and devices.

  • Flexible Internet Routing

    Don't just tunnel traffic to private resources on your connected networks; get unmatched control over internet bound traffic routing by User Group, Network, or Host.

  • Multiple Isolated Overlay Networks

    Cloud Connexa combines superior utility and usability so you can create and manage multiple wide-area private clouds (WPCs) from a single Owner account.

  • Application-Based Domain Routing

    Domain name awareness combined with sophisticated routing logic so you can define routes to connected networks using domains names.

  • Cyber Shield

    This built-in feature of Cloud Connexa is an easy-to-use, customizable IDS/IPS and Content Filtering feature that protects remote access.

  • Cloud Protection/ZTNA

    Don't sacrifice safety for the benefits of the Cloud. Create a dedicated worldwide private overlay network, exclusively for your use, with Cloud Connexa.

  • Internet Gateaway Selection

    Internet Gateway Selection lets you control which private network acts as an internet gateway for your networks, servers and devices.


Device Identity Verification & Enforcement (DIVE) is a new approach to enforcing Least Privilege, by allowing Owners and Administrators to restrict user access to only trusted devices. This is accomplished by establishing a 1:1 relationship with a user’s connection Profile and the device’s UUID - restricting profile re-use from an unregistered Device.

If you have not already done so:

 Create your Wide-area Private Cloud based on your use case:

    1. Remote Access
    2. Site-to-Site
    3. Restricted Internet Access
    4. Define your trusted Applications and IP Services
    5. Define trusted Users and Devices
    6. Define Access Policies
    7. Shield against cyber threats


Yes, you must have the OpenVPN client running the minimum client version for your Operating System to enable DIVE.

The following are the minimum client versions to enable Device Enforcement on your device:

OS Minimum Client Version
Windows OpenVPN Connect 3.3.7
Mac OS OpenVPN Connect 3.4.2
Linux OpenVPN3 v19_beta
Android OpenVPN Connect 3.3.2
iOS OpenVPN Connect 3.3.3

Get Started for Free

Cloud Connexa comes with three free connections, no credit card required.