Access Server or OpenVPN Cloud

Which secure networking solution is right for you?

OpenVPN® Inc. offers two secure networking solutions for small, medium, and enterprise businesses. OpenVPN Cloud provides secure communication between an organization’s distributed workforce, IoT/IIoT devices, and the online services they rely on daily, with a secure virtualized network offered as a service. OpenVPN Access Server, our self-hosted solution, simplifies the rapid deployment of a secure remote access solution with a web-based graphic user interface and built-in OpenVPN Connect Client installer.

Both products are based on the market-proven OpenVPN protocol and trusted by some of the world’s most renowned brands for their unmatched flexibility, scalability, and ease of use.

Choose OpenVPN Cloud if you want to:

Choose Access Server if you want to:

Product Comparison Table

OpenVPN Access Server OpenVPN Cloud

Self-hosted software solution with server software available on many IaaS Marketplaces, and from our website for Linux distributions: Red Hat Enterprise Linux, CentOS, Ubuntu, Amazon Linux 2, and Debian as well as virtual appliances for VMware ESXi and Microsoft Hyper-V

Cloud-based virtual networking platform offering with worldwide Points of Presence for connecting devices, applications, and networks

Can be deployed on air gapped systems

Responsibility for monitoring, managing, and deploying servers for redundancy, performance, and scale

Customer OpenVPN Inc.

Make a Network accessible

By deploying one or more Access Servers on the network. By deploying one or more instances of Connector software, which makes an outbound connection to an OpenVPN Cloud Point of Presence.

Make an Application accessible without connecting the network

By running the Connector software on the Application server, which makes an outbound connection to an OpenVPN Cloud Point of Presence.

Connect to applications on a network without exposing IP subnet routes

By providing application domain names as routes for the connected network hosting the application servers.

Connect networks with overlapping IP address subnets

Uniquely identify each network with overlapping IP addresses with a name instead of IP subnets.

Split-tunnel OFF (full tunnel redirection)

All internet traffic is tunneled to the connected Access Server. All internet traffic is tunneled and routed to one or more connected Networks acting as Internet Gateways.

Split-tunnel ON

All private traffic and traffic to configured public IP addresses is tunneled to the connected Access Server. Any other traffic uses the local internet connection. All private traffic and traffic to configured public IP addresses and public domain names is tunneled and routed to one or more connected Networks. Any other traffic uses the local internet connection.

Restricted Internet

All private traffic and traffic to configured public IP addresses and public domain names is tunneled and routed to one or more connected Networks. Any other traffic is blocked.

For remote access to a Network

Clients connect to the Access Server that is deployed on the network or provides connectivity to a network using a site-to-site configuration. Clients connect to any one of the OpenVPN Cloud Points of Presence.

Provides site-to-site connection

By deploying a gateway client instance on a site that connects to the Access Server deployed on the other site. By deploying one or more instances of Connector software, which makes an outbound connection to an OpenVPN Cloud Point of Presence, on the site. All sites connected to OpenVPN Cloud can be provided access to each other.

Requires pinholes in the firewall to allow inbound connections to the server on your network

Uses OpenVPN protocol

Supports OpenVPN Data Channel Offload (DCO)

OpenVPN Connect clients are available for Android, iOS, macOS, and Windows.

OpenVPN open-source client included in all major Linux distributions and DD-WRT or related routers

Clients bundled with connection profiles for quick install and connectivity

Static tunnel private IP address

Can be dynamic or static based on configuration. All assigned tunnel IP addresses are always persistent.

Authentication

OpenVPN Access Server OpenVPN Cloud

Provisioned Username/Password

RADIUS

PAM

LDAP and Secure LDAP

SAML

MFA

Expandability using and developing plugins

Authorization

OpenVPN Access Server OpenVPN Cloud

Point and click Configuration of access control

Access control to applications defined using domain names

Access controls that apply to specific users

Controls for User Groups

Logging

OpenVPN Access Server OpenVPN Cloud

Connection events displayed on the portal

Streaming connection events to remote syslog server

Emailed as CSV files from the portal.

Logs for additional security events

Dashboards, drill-downs for monitored and blocked events reported by content filtering and IDS/IPS.

Value and Security Features

OpenVPN Access Server OpenVPN Cloud

DNS-based Content Filtering with domain name block list and allow list

Intrusion Detection and Prevention System (IDS/IPS) that protects transiting traffic

Billing

OpenVPN Access Server OpenVPN Cloud

Charged monthly or annually by number of simultaneous connections

Usage based pricing from AWS

Sharing the number of connections associated with a subscription among multiple deployments

A subscription is associated with each OpenVPN Cloud Account.

Freemium model

2 connections free prior to purchase 3 connections free prior to purchase