Bad Actors Can’t Attack What They Can’t Find

Intrinsic protection for your private networks and applications using multi-tenancy, cloaking, and network segmentation.

You Don’t Have to Sacrifice Safety For the Benefits of the Cloud.

Cloud services deliver unmatched scalability and save both time and money. But exposing your cloud assets to the public internet comes with security concerns (e.g., DDoS) that require hardening. An OpenVPN Cloud wide-area private network (WPC) is a better way to secure network connectivity and keep applications and services private.

Features

A multi-pronged approach to protecting your network and enabling reliable connectivity

Our multi-tenant cloud-delivered service creates a dedicated worldwide private overlay network, with built-in security features, exclusively for your use.

  • No VPN Servers

    Block attacks on a specific customer or network by refusing inbound connections and using our multi-tenant service to reduce your attack surface.

  • Transfer DoS Risk

    OpenVPN Cloud, offered as a service, uses 30+ worldwide Points of Presence (PoP) for all incoming connections to protect your company from DoS and DDoS attacks.

  • Automatic Microsegmentation

    OpenVPN Cloud automatically microsegments to prevent lateral movement and restrict routes to authorized microsegments based on a connected entity’s authorized IP services.

  • Network Cloaking

    Domain-based routing, an OpenVPN exclusive, cloaks your private network IP address ranges from discovery by using domain names for routing.

FAQs

ZTNA or Zero Trust Network Access is a network security model that operates on 3 core principles:

  • Always verify – Do not assume an entities identity
  • Least privilege – Give access to only the resources the user, device, or application should have
  • Assume breach – A proactive approach to network security that includes reducing the attack surface and isolating potential threats

OpenVPN Cloud allows Owners and Administrators to:

  • Use SSO Authentication with LDAP, and SAML to connect to their WPC.
  • Limit access to only specific resources by configuring access controls to select User Groups, Networks, or Hosts with Access Groups.
  • Provide access to applications using domain names instead of the network to reduce your attack surface — eliminating lateral movement to other network resources from potential threats.

Network lateral movement is a technique used by cybercriminals to move through a compromised network to search for additional vulnerabilities and data.

In network security, Micro-Segmentation is the practice of separating network subnets. This provides a reduced attack surface for potential threats and allows administrators to isolate and contain potential breaches.

Tenant means a customer. A service or equipment is called multi-tenant when the same equipment can serve multiple customers by logically separating them instead of using multiple instances of the same equipment and dedicating each instance to one customer. The servers in an OpenVPN Cloud PoP are shared by multiple customers/tenants and isolated by virtualization.

Domain-based routing is an OpenVPN patent pending feature that allows network administrators the ability to route traffic to different connected networks using FQDN (Fully Qualified Domain Names) assigned to applications hosted in those networks instead of using the network’s IP address subnet. To learn more about domain-based routing, read OpenVPN Cloud Launches Domain Routing Feature.

Cyber Shield content filtering is a feature of Domain Filtering that analyzes the domain names in DNS queries received from WPC clients only when domain filter monitoring is turned on. When Monitoring is active, Cyber Shield checks which content category each domain name being queried belongs in. If a domain name is matched to any of the 43 Cyber Shield Domain Filtering Categories that is configured to be blocked, the domain name is not resolved as expected and a “This site can’t be reached” page is displayed. Content can be blocked by chosing any of those categories or by using 1 of 3 domain filtering preset modes:

  • Basic
  • Safe Browsing
  • High Productivity

Cloaking hides the private IP address ranges of your network from discovery. Even after connection to OpenVPN Cloud, the IP address ranges of connected private networks are not pushed to the connected device as routes when exclusively using Application Domain Name routing.

Multi-tenancy allows high scalability, reduced setup time, and better cost-effectiveness than single-tenant solutions.

Connect to OpenVPN Cloud now with three free connections

OpenVPN helps you easily create a secure, virtualized, reliable network that ensures secure communications between your networks, applications, devices, and workforce.