Intelligent Routing Using Memorable, Recognizable Domain Names
Routing traffic to your connected private networks and accessing resources using IP addresses can get complicated. Instead of providing IP address subnets as routes to your private networks, Application Domain-based Routing, a Cloud Connexa feature, lets you easily route traffic to applications distributed among your various connected private networks using the application’s domain name as a route to the network where that application resides.
IP address overlap occurs when one or more devices or subnets connected to the same network are assigned the same IP address or range.
Cloud Connexa allows administrators to configure private network access to applications using only domain names. Routing is configured using Fully Qualified Domain Names (FQDNs) instead of IP addresses. The FQDNs are unique and used for routing to the correct network, making the overlapping use of IP addresses inconsequential. To learn how read User Guide - Remote access to private networks with overlapping IP address space.
Application Domain routes are configured through the Networks setting in the administration portal. To configure, go to Networks and create or edit an existing Network by clicking the name of an existing Network or edit icon (pencil). Select Domain and enter a Fully Qualified Domain Name (FQDN). Note: All subdomains will be included. Enter an optional Description to easily distinguish between applications. If private domain names are used, you must add them to your DNS server or add DNS Records directly in OpenVPN Cloud.
ZTNA or Zero Trust Network Access is a network security model that operates on 3 core principles:
- Always verify – Do not assume an entities identity
- Least privilege – Give access to only the resources the user, device, or application should have
- Assume breach – A proactive approach to network security that includes reducing the attack surface and isolating potential threats
Cloud Connexa allows Owners and Administrators to:
- Use SSO Authentication with LDAP, and SAML to connect to their WPC.
- Limit access to only specific resources by configuring access controls to select User Groups, Networks, or Hosts with Access Groups.
- Provide access to applications using domain names instead of the network to reduce your attack surface — eliminating movement to other network resources from potential threats.
Network lateral movement is a technique used by cybercriminals to move through a compromised network to search for additional vulnerabilities and data.
Split Tunnel is a configuration setting of the tunnel that connects the device to Cloud Connexa. It can be set to select what kind of traffic is sent through the tunnel. All traffic (even internet traffic) is sent through the tunnel when set to OFF. When set to ON, only specific traffic configured to be routed to Cloud Connexa enters the tunnel, and general internet traffic does not.
Get Started for Free
Cloud Connexa comes with three free connections, no credit card required.