OpenVPN delivers secure, high-performance Zero Trust VPN solutions that protect your company data while supporting remote and hybrid workforces with flexible, scalable access. Watch a full demo of OpenVPN brought to you by SourceForge.
Trusted by over 20,000 organizations worldwide, OpenVPN offers both self-hosted and cloud-delivered options to simplify secure connectivity without the complexity.
In this SourceForge Product Demo Showcase, we speak with Rohit Kalbag and Sean Golriz, who explain the features of OpenVPN’s Cloud Connect platform, emphasizing its zero trust security framework and ease of setup for IT teams. We discuss the evolution of OpenVPN from its open-source roots to enterprise solutions, highlighting the importance of simplifying network security and modernizing the network perimeter. The conversation highlights a streamlined process for securing SaaS applications, including device posture checks, location context policies, and integration with existing services to maximize security and efficiency. In this conversation, we also discuss the importance of educating the market about modern VPN solutions, the integration of AI in network management, and the future innovations planned for OpenVPN. We explore various security features, the significance of user-friendly interfaces, and the automation of network security. The discussion also touches on the potential for AI-driven administration and the role of OpenVPN in shaping secure digital environments.
Watch the product demo here:
Learn more about OpenVPN.
Interested in doing a Product Demo Showcase? Contact us here.
Show Notes
Takeaways
- OpenVPN has transitioned from its open-source beginnings to offering enterprise-level solutions like Cloud Connect.
- The company emphasizes zero trust security, integrating it into their VPN solutions to offer secure, scalable, and modern network access.
- Cloud Connect is designed to be user-friendly, simplifying network security for IT teams, even those with less technical expertise.
- OpenVPN’s solutions integrate well with existing IT infrastructure, offering features like multiple WPCs and application sharing for enhanced flexibility.
- Future innovations include AI capabilities and a UI refresh to further enhance user experience and security.
- OpenVPN serves over 20,000 businesses, including major enterprises like Salesforce and Target.
- The company is committed to continuing its open-source legacy while expanding its enterprise offerings.
- Cloud Connect offers a seamless transition from traditional VPNs to zero trust solutions.
- The platform supports integration with existing IT systems, including various authentication methods and log streaming.
- OpenVPN is exploring AI-driven administration tools to enhance network management.
Chapters
00:00 – Introduction to OpenVPN and Cloud Connect
02:15 – OpenVPN’s Journey from Open Source to Enterprise
05:30 – Emphasizing Zero Trust Security
09:45 – Hands-On Demo of Cloud Connect
14:20 – User-Friendly Design and Features
18:35 – Integration with Existing IT Infrastructure
22:50 – Future Innovations and AI Capabilities
27:10 – OpenVPN’s Commitment to Open Source
30:25 – Transitioning to Zero Trust Solutions
34:40 – Supporting IT Systems and Authentication
38:55 – AI-Driven Administration Tools
Transcript
Beau Hamilton (00:01.016)
Hello, everyone. My name is Beau Hamilton, Senior Editor and Multimedia Producer here at SourceForge, the world’s most visited software comparison site where B2B software buyers compare and find business software solutions.
In today’s episode of the SourceForge Product Demo Showcase, we’re spotlighting OpenVPN, a company synonymous with online security, best known for its open source roots. OpenVPN has quietly been building some of the most forward-thinking solutions in network security with their CloudConnexa platform, the company’s cloud-based networking service that provides a virtualized network as a service for businesses.
We’ll be peeling back the curtain, so to speak, and offering a hands-on demo of CloudConnexa to see just how OpenVPN is helping IT teams simplify things like Zero Trust access, secure remote users, and modernize their network perimeter without a lot of the headaches of traditional VPN setups.
Joining us today for our conversation and hands-on walkthrough is Rohit Kalbag and Sean Golriz. Rohit is VicePresident of Product at OpenVPN, who will help us get a kind of a conceptual understanding of the company’s journey from community-driven software to enterprise-ready Zero Trust solutions. And Sean Golriz is Technical Sales Engineer at OpenVPN, who will walk us through a live demo of CloudConnexa to see it in action.
So let’s get right into it. So let’s get right into it. Rohit and Sean, it’s great to have you here.
Rohit Kalbag (01:27.427)
Thank you Beau. Thanks for having us.
Sean Golriz (01:29.263)
Thank you.
Beau Hamilton (01:31.182)
Now, I want to start at the top and I’ll direct this first question to you Rohit. Many know OpenVPN from its open source roots that date back to the early 2000s, 2001 to be exact. How has the company grown beyond that into an enterprise solution with its CloudConnexa product?
Rohit Kalbag (01:52.056)
Yeah, thanks, Beau. As you said, we are very well known for our open source roots, and we are very proud of that heritage. And we continue to invest and advance our open source technology. You probably recently heard that one of our key enhancements there, called data channel offload, which basically brings the encryption and decryption of data packets down to the kernel level, and that brings about a massive increase in data speed.
That was recently included in the Linux kernel, so that’s a big win for our open source community and for us as well. What a lot of people don’t know is that parallel to the open source work for, you know, about 20 plus years, we have been developing and selling business solutions. And we are proud to count many enterprises like Salesforce and Target as being part of our customer base. And we serve more than 20,000 businesses right now.
So our products are growing. They are reaching wide adoption within the marketplace. And like you mentioned, being more enterprise oriented. So we are continuing developing enhancements in our products. Our two main products are AccessServer, which is self-hosted software solution. And what we recently did is we enabled horizontal scaling for it, which we call clustering. So now our enterprise customers can deploy multiple access servers, use clustering to make it seem like one huge, highly available access server which can handle a lot of connections.
And for CloudConnexa, which as you mentioned earlier is a network as a service, we enabled IPsec. We know that most of our enterprise customers use enterprise-grade routers and firewalls, and also AWS, GCP, they all have IPsec in them. So we enabled our customers to connect their networks to our CloudConnexa POPs using IPsec.
So over these 20 years, starting from our humble roots as an open source project, we have significantly grown and made our products really enterprise capable.
Beau Hamilton (04:53.486)
I’ve known about OpenVPN for many years as an open source enthusiast and covering various updates on Slashdot and elsewhere. And I had no idea that you guys were already serving over 20,000 businesses and you had such a big presence in the enterprise world.
Now when you guys obviously were approaching almost 30 years now, if you can believe it, in development, how would you describe OpenVPN’s mission today, especially as it concerns to networking and security, which continues to converge in today’s increasingly connected and remote world?
Rohit Kalbag (05:36.126)
Right. Yeah. Good question. So a part of our mission right now has actually become a bit about education, because if you see some of the narrative out in the market, there is a narrative that VPNs are bad. VPNs need to be replaced with Zero Trust specialized solutions. And we are trying to educate the market and saying that, OK, when these folks mean VPN, they are not talking about open VPNs, modern solutions. They are talking about legacy hardware-based VPNs, which are hard to scale and which traditionally just provide a secure connection tunnel, which give network-wide access.
But that’s not the solutions that we create. You know, from day one, like 20 years ago, with our first access server, we have always included access control in there. So it’s not VPN provides the secure connectivity, but it can also be layered with all the Zero Trust controls so that you can be assured that the principle of don’t trust always verify, can be enforced even with our modern VPN solutions.
So we are kind of changing the narrative a bit and trying to differentiate ourselves and calling our products Zero Trust VPN to make it really apparent that we are not the legacy VPN provider.
The second part of our mission will always continue to be growing our open source base, expanding and enhancing our open source protocol and our open source project, continuing investing in it. And of course, our mainline mission is to continue providing top of the line security solutions. You know, things that combine networking and security, so customers don’t need to maintain two separate stacks. You know, there’s special networking hardware, the special security hardware, but adopt us. And we want to enable use of Zero Trust, not just for private network access or private apps, but also, you know, to cover SaaS access as well as internet access. So that’s what we are striving to do here.
Beau Hamilton (08:36.588)
Yeah, I think that’s really important to call out and just reiterate that, yeah, CloudConnexa isn’t just another VPN, right? It’s really built up from the ground for Zero Trust, which just explained for listeners is it’s a security framework that ensures essentially that nobody can be trusted. No user device or applications should be inherently trusted, right?
So from this standpoint, like why did you choose to focus on Zero Trust in particular and have it really reflected in the product’s design?
Rohit Kalbag (09:14.356)
Yeah, thanks. So the reason we focused on Zero Trust is we want to help our customers adopt Zero Trust and not just the big enterprises, but also the small medium businesses. And sometimes when these customers or companies use Zero Trust solutions, it’s like you’re forcing something down their throat and providing a complicated solution with a lot of gears and things and configurations to change.
But the way we have approached it is that we have allowed a kind of continuous transition or migration from more of a VPN centric approach to a Zero Trust approach so that there is not a revolution but more of an evolution, the customers are already familiar with VPN and then they see and then they can migrate to the Zero Trust controls we have in CloudConnexa.
From the design and operation point of view in our user interface, you will notice that we are gearing the administrator to think more about applications, and IP services. Think at a granular level of access, not just, you know, here’s the network, you know, I’m attaching a network, but you know my end users want access to these applications, these IP services. And we have also introduced. Applications and made it easier by using domain names. So instead of doing IP based routing, thinking about IP tables, the administrator can just enter the domain name of an application. And, by doing so, they reduce the IP routing, complexity and we do not push IP routes, to the connected endpoint.
So the private network and the IP addresses of the private servers, application servers, all remain hidden. So even if the user is connected to CloudConnexa, they cannot snoop, they cannot scan the network because they don’t know their private IP addresses. And even if they know, it’s going to be blocked because only domain name access is allowed. So these are the capabilities we have built not just from the technology standpoint, but also from the UI experience, from the onboarding visits, you know, trying to build in that mentality of, you know, think of, think granularly, think about access control, add policies, things like that.
Beau Hamilton (12:36.726)
Right. Well, thank you for that conceptual kind of overview and then just laying the foundation for us. I think that’s a perfect setup for what we’re about to see with the demo. So I think it’s time we can bring in Sean Golriz here to walk us through how CloudConnexa works in practice.
All right, Sean, you’re the technical sales engineer working to design and make this product all possible. So can you walk us through just how easy it is for IT teams and admins to get started with CloudConnexa and secure access to Microsoft 365 products? I think that’d be a good starting point.
Sean Golriz (13:30.966)
Yeah, the process we made it really easy. I mean, the signing portion of it, which I’m going to show towards the end of the demo, it takes less than three minutes. Basically, it’s a three steps signing process. And then once they get connected, getting CloudConnexa set up and getting their network connected to CloudConnexa, it’s going to take less than 20 minutes to do. Now, if there is anything that comes up, we always have supports and we have weekly demos that we try to help these users.
But really getting everything from sign up to up and running, you know, just we’re talking about basic configuration is less than 20 minutes. And then after that, they can go as far as they want to go, especially since we’re talking about Zero Trust.
Beau Hamilton (14:21.112)
Wow. Yeah, that’s, that’s no time at all. Really. I love how just, first of all, like the, a visual standpoint, mean, everything just is very simplified and laid out, easy to understand and like move around the screen. Right. I like.
Sean Golriz (14:34.809)
Yeah, CloudConnexa is built to make things really easy for admins, basically administrators, even people that they’re not as advanced when it comes to the technical aspects of configuring a VPN or encrypted tunnel. This makes it really easy and very easy to understand each features. When I go through the features, when I show you how to set up, everything is wizard based. Step by step explain how to do it and if someone doesn’t understand what it is they just read the little description and again it’s a very everything is in plain simple language that they can they can follow the steps and get everything done.
Normally you show how to sign up and then show the futures. But since we’re talking about Zero Trust and just Rohit was talking about the futures of the product, I’m going to start kind of little bit backward. I’m going to talk about the futures and especially how to secure SaaS applications. And at the end, I’ll show the sign up process because again, as I said, that’s the three steps I want.
Everyone remember that part because again, if they forget about how to configure some features, we have demos and support that we can help them at any time.
Sean Golriz (16:20.869)
So as you can see, this is the admin portal. When they log in, we see this. This gives us an overview of what’s happening on our network. Now, to just be, you know being a little bit frank about how things going on. You know, I remember those days that password 123 was a good password, you know, but these days, million of stolen credentials are floating around the dark web. So, you know, even if you enable two factor authentication, sometimes it’s not even enough because sessions can get hijacked, phishing’s are, you know, on the rise and everything else. So basically what that means is that relying on username, passwords and 2FA it just doesn’t cut it anymore.
And these days, a lot of organizations are using SaaS applications. And we want to make sure that even if someone’s credential gets stolen or if a bad actor gets a hold of access to a network, they won’t be able to get access to the SaaS applications or any online applications that they have. we can turn those applications or those public SaaS applications into private apps. What that means is that once you connect your network to CloudConnexa, and when you go to connect your network to CloudConnexa, as I said, everything is a wizard based, you just click on add network, you choose your scenario, you can choose multiple scenario or just one or two scenario. Once you choose your scenario, then you can click on continue and then this is where you’re just going to give it a name.
And then you choose your protocol, tonnelling protocol, either OpenVPN protocol or IPsec protocol. And then you need to install a connector. Connector is a low overhead application that basically connects your resources to CloudConnexa. Now this connector can be deployed in a lot of different ways. You can deploy it on Cloud, providers such as AWS, Azure GCP as you see here, different operating systems if you have on-prem environment, Linux, any Linux distributions, Windows Server, Mac OS, and then virtual private servers such as DigitalOcean, Compatible Routers, Deltonic, RPFSense, and so on. So once you connect your network, then this is where you can add the applications. This is what Rohit was talking about, when he was talking about using domain names instead of IP routings and IP services. Now, you have the option of using IP routes and IP services, but this way you can cloak your IP subnets and basically just give access to the resources by domain name. Like for example, you see here on the screen, I have some private applications, such as accounting, CRM, these are private application. But at the same time, you see that I have some SaaS applications that are being routed through CloudConnexa, so being considered as like a private app. Like Salesforce, this OVN Lab online is our SharePoint and Outlook.office.com, for example. Now, what that means, it means that the user has to be connected to CloudConnexa in order to access the SaaS application.
So we’re going to look at our access group basically to see who has access to the SharePoint. And if we go to accounting, to our access group, we can see our accounting team has access to the SharePoint, nobody else. Now, if I go back to users and look at the users, I can see right out of the bat here that Ella is part of my accounting. So if I try to connect to my SharePoint, here we go. I shouldn’t be able to connect access tonight because we’re not connected. Now, if I connect as Ella, which I’m going to toggle the switch here on Connect app. Now if I connect as LR, should be able to connect to the SharePoint. Here we go. We can see that the page is coming up. This is what we mean by using domain names and this is how we can basically create another layer of security on our SaaS applications.
Now, when we’re talking about Zero Trust, Zero Trust means that we don’t trust anything. So we need to add layers of securities on top of each other. So it’s not just about access policy and user groups and user name and passwords. Now we have other features in place for CloudConnexa, such as location context policy, for example. As you can see here on my location context, my tech support team can only connect when they’re in US.
Otherwise they get blocked. Now I can create different policies for different groups. I can use country or I can use IP address or subnet. So let’s say that if I have a group that they need to be in the office to connect to my resources, I can just come here and put that subnet, allow it and everything else, I can block it. So that’s our location context policy. And you can create different policies for different people or different groups. Now, when it comes to device posture, you can allow what operating systems users can use and what criteria or you know checks or imposter checks are in place for those operating systems before they can connect or even during the connections. So for example as you can see here for again we can choose what group they’re going to have this access or they’re going to have this policy.
Like this group has access, they can use Windows, Mac OS, Linux, pretty much all the operating systems. Now I can put some posture checks in place so I can say that the OS version be equal to something, antivirus, you know, let’s say that in our case, ESETs, and then other checks I can add. That goes for the Mac OS and then I can allow connection from Linux, Android or iOS.
Beau Hamilton (24:16.844)
Yeah, this just goes back to what Rohit was saying where all the different granular controls you guys offer. I think that’s really nice to see. I like also with the network configuration, you could fine tune not only the cloud providers, but different operating systems, which you can see here too. Yeah, love the visual aspect there.
Sean Golriz (24:33.913)
Yeah, exactly. Yeah. And as I mentioned earlier, it’s very simple to configure these things all wizard-less. Now, one thing about device posture I want to add here that let’s say that my computer I’m connecting to CloudConnexa. So at the time of my connection, everything is good. My antivirus is running. All the posture checks are checked out. But something happened and all of a sudden my antivirus shuts down. My connection gets disrupted right away because that just doesn’t happen during the connection, at the connection time, it happens even during the time that I’m connected. So that’s one of the nice things about device postures. So if my machine gets compromised at some point, at some point that my antivirus goes down, or if I have, for example, disk encryption in place, but something happens, again, I get disconnected right away, I get a message to contact my administrator. So that’s one of the nice things about device postures.
Now, I kind of showed the access groups, how you can set up different groups with different policies to access different resources.
Rohit Kalbag (25:41.889)
Sean.
Sean Golriz
Yes, sir?
Rohit Kalbag (25:41.889)
Would you like to explain how or what you did in those Microsoft 365 products to enable only connected users to get access?
Sean Golriz (25:59.994)
Yeah, probably I should have done that. Yeah. So is that okay to add it right now, Beau here?
Beau Hamilton (26:07.298)
Yeah, yeah, definitely.
Sean Golriz (26:29.943)
Yeah. So in order to basically tell the SaaS provider that, you know, the application, the connection has to go through a CloudConnexa. So we need to add our connector IP addresses to that SaaS application. For example, here, as you can see, I’m on the SharePoint admin center. Already added my connector IP address here. So some companies, call it allowed IP addresses. Some companies call it whitelist IP addresses. So different companies, they have different names. But no matter what, you can just go add your connector IP address to that section. And from then on, only from this IP address, the users can connect. As you can see here, for example, that’s what I have. So that was the part that it should have been explained earlier on.
Beau Hamilton (27:01.198)
Perfect.
Rohit Kalbag (27:01.584)
How about showing that slide? saw that when you were sharing screen, there was a slide explaining.
Sean Golriz (27:07.503)
This slide? Yeah. This is basically the setup for the access to the SaaS application. So for example, let’s say my resources are in AWS. I have a VPC going on AWS and my users are sitting somewhere else and connecting. And I want to make sure that the connection goes through CloudConnexa. And basically the users use my VPC to connect to my SaaS application.
So this is the diagram that shows how things work. Basically, again, my connector is installed on AWS, so has that IP address that you see on the screen, which we added to allowed IP addresses on SharePoint admin site. And then from then on, when my users connect to CloudConnexa. Again, everything goes through the internet. But connect to CloudConnexa, connect to my VPC on AWS, then they can get access to any SaaS app.
Again, it doesn’t have to be just Microsoft, SharePoint Online, or OneDrive. It can be any SaaS application. can be Salesforce, can be ServiceNow, it can be any SaaS application, as long as they allow you to add your connector IP addresses to their list, basically.
Beau Hamilton (28:23.384)
Gotcha. OK, yeah, this is a great visual to kind of help see how it all is laid out for us. Now, Sean, I don’t want to get ahead of ourselves, but I also want to talk about integration aspect, because I know a lot of IT teams are using various VPNs and firewalls that they already have configured. Can you just talk about maybe some of the integration aspects of CloudConnexa and how it plays well with other existing services out there?
Sean Golriz (28:54.565)
Yeah, so first, if I want to talk about, you know, and let’s talk about first the authentication part of it, because a lot of organizations, they have their own IDP or identity providers, and they don’t want to come here and manually enter username, passwords, and set up group policies and so on. So as you can see here, they can choose different type of authentication. They can use SAML sign-on or private LDAP and set up their IDP as a authentication provider for CloudConnexa.
So if someone is using, for example, Entry ID, they can use SAML single sign-on. And one nice thing about the SAML that they can use SCIM. So they can basically map everything from their IDP to CloudConnexa. Now, if they’re using other IDP that they need to use LDAP, they can just use LDAP here and they configure it.
So that’s one of the integration here. Now, we do have the log streaming, which is basically they can get all the logs that it’s being populated here on CloudConnexa and send it to an S3 bucket on AWS. And from there, they can send it to you know, SEM and analyze those analogs such as Spelunk or Datalog. So that’s another feature that here it can be very helpful for the admins to see what’s happening on their networks. And then obviously there are APIs in place also that they can use if they wanna run any APIs on CloudConnexa. So there are some approved one here by going to Swagger, they can see it.
Rohit Kalbag (30:43.733)
Beau, what we have also noticed is that, apart from integrating our solutions, if companies do it, like you mentioned, they probably already have an embedded base of VPNs and firewalls and trying to figure out how CloudConnexa server will fit into the bigger picture. What we have seen is some companies have started using us as a sort of a backup or a disaster recovery alternative solutions. Things like if you have an SD-WAN, use us as a backup in case your SD-WAN goes down. Because compared to those companies and maintaining those big hardware specialized things, we are much more economical and much easier to set up.
What we have also seen is that companies might use our product for a very specific use case in which ZTNA makes sense for them. Again, our pricing is very flexible and very economical. It’s seed-based or number of connections-based. They will use us for a point application. For example, DevOps teams needs connectivity to AWS with all these controls because DevOps is, you know, they have privileged access and things like that.
And the third application is using us for some really complicated scenarios. For example, some of the IoT companies use us because we have a neat solution to avoid problems when you want to interconnect networks with the same IP address ranges. Again, we leverage our domain name routing for that, typically like let’s say building automation companies or surveillance camera companies or things like that, they want to replicate that same network in each store and each premise.
And all of those networks will probably share the same private IP address range. But they do want to remotely connect and look at diagnostics and monitor it and things like that. So with a traditional solution, you cannot typically try and figure out routing among multiple networks that share the same IP address ranges.
It’s going to be double NAT, some kind of very complex solution in place. But we make it very easy because we can give each of these networks a unique name and then use that name to identify that network that’s the destination. So these are kind of the three main ways we have seen our products being used in spite of the incumbents being in place in most of these companies.
Beau Hamilton (34:09.368)
Thanks. Yeah. Thanks for, thanks for highlighting some of those use cases. I think that’s important to point out. And, you know, as someone who’s just kind of, you know, seeing this for the first time, really, I think I’m just like, like struck by. I like how user friendly it is, but while also offering a lot of different, like granular controls, which I feel like kind of they’re likem, that typically doesn’t happen as it go hand in hand, right? But I like how you can kind of get really into the specifics with configurations.
I’m curious, like, obviously you’ve highlighted a lot of value, guess, in regards to integration. I’ve got a question about maybe some of the AI components here in a second, but I’m curious, is there like a feature or capability that’s maybe especially powerful that you’d like to highlight that maybe it teams kind of overlook? Or maybe don’t, maybe shouldn’t, maybe need to spend more time focusing on.
Rohit Kalbag (35:06.884)
Yeah, I mean, I have a suggestion and then Sean can add on to it. One of our features that is often overlooked is our capability. We call it multiple WPCs. So this overlay network which gets created, we call it WPC, Wide Area Private Cloud. But with the same account, you can set up multiple WPCs. So what that will allow you to do is completely isolate organizations. So for example, instead of managing all these rules, you know, and for one single organization, you know, it could become pretty overwhelming.
So what you can do is you can create another think of it like network slicing, right? You can create another overlay layer just for your IT department. Another overlay network just for your IoT stuff. Another one just for your sensitive finance or HRT. So that way, even when you audit your controls, it’s much easier and completely isolate. So even if someone gains access to one WPC, thinking about lateral movement, it’s virtually impossible now from that WPC to jump to the DevOps WPC because it’s completely a different virtually segmented network. So that’s one feature. And then accompanying that, we have another kind of unique feature. We call it application sharing. It’s under App Hub. What that allows you to do is actually share access to your applications that are inside of your WPC.
With another customer, yeah. Yeah, yeah, so we have companies who have who found that both of both themselves as well as their partners are using CloudConnexa. And it’s very easy now to just share access to their app, be it you know for API integration or whatever basically creates an extra net right? It creates a very secure extra net virtually very quickly. So that’s a neat kind of a feature that not many people see the potential of, even though they know it’s there.
And same with multiple WPCs, you can again share the app. So if there is one app that both HR and the finance team needs, you can just give connected to the HR WPC, but share it with the finance WPC, things like that.
Sean Golriz (38:12.037)
No, I mean those are great and then obviously the domain routing, the application name, that’s one of the big ones. Instead of doing IP routes and IP services, we can just use domain names. Again, as I mentioned earlier, you can use IP routes and IP services if you want to, but not really needed if you use it.
Rohit Kalbag (38:29.818)
Yeah, speaking about domain names, one of the things that we have in here, another thing which makes it very easy is you can set up the DNS records. For your applications right here in our system, because CloudConnexa acts like a proxy DNS server on connection. So you don’t need to go into your internal DNS server, your private DNS server or connect, you know, or have network connectivity to your private DNS server. You can, as soon as you give one of your applications a name, you can come here, add a DNS record. And that’s also how we do the resolution. So the DNS record, you know, 192.162.1.1 can be associated with multiple DNS records because the names are unique, right?
And then when you say, this app is accessible by this network, even though both those networks share the same 192.168.1.1, because of this unique names, CloudConnexa knows exactly where the destination is. So that’s how everything goes together. And these DNS records make it really simple.
Beau Hamilton (39:56.302)
Gotcha. Thanks for highlighting that as well. I’m curious. Now, obviously, with this AI world we’re throwing ourselves into, do you have any maybe agentic AI capabilities or features maybe in the works or currently in development where essentially you have security behind the scenes automations helping to keep a network secure in the background?
Rohit Kalbag (40:21.859)
Yes, a team is currently working on that and we basically think of it as another way of interacting with that administration portal. instead of, know, previously people used to say, hey, we have CLI, you know, we have a CLI interface and we have this web portal UI interface. So the hardcore programmers would always prefer the CLI, just typing away the visual folks like the UI, but now there’s another way which is using AI and natural language prompts, right? So that’s what we are trying to build in which the IT team can essentially converse with our admin interface or admin portal and just say, hey, add user Sean, or how many times did Sean log in today?
You know which applications did Sean access recently? Or what is the IP address that was assigned to Sean? Things like that, right? So. Yeah, we can use AI to help the admin configure to the admin monitor, analyze what’s going on. So that’s what we’re working towards. We don’t have it yet, but we are working towards it. It’s coming, yeah, yeah.
Beau Hamilton (41:47.456)
It’s coming. It’s coming. It’s something to get excited about. Now I want to give you one maybe more opportunity to highlight any particular visual area that maybe offers a ton of value for customers. Obviously we’ve already covered a lot at this point, was there or is there any like particular comment like aha moments that you hear about from customers when they start actually getting their hands on it and using CloudConnexa?
Is there like any particular feature that maybe stands out or, you know, really resonates with them more than, more than others?
Rohit Kalbag (42:25.43)
I would, yeah, I think one of the features we can just show here is our built-in internet security. like I was saying, convergence of networking and security. So we have feature called Cyber Shield, which analyzes and monitors both traffic, which is like IDS IPS.
So we have built-in IDS, IPS, and we also use domain name based or DNS based content filtering. we can, even though the traffic does not, internet traffic does not pass through CloudConnexa, we can still enforce controls and policies which will prevent access to phishing websites or prevent malware or prevented going to adult content websites or things like that based on the company’s acceptable use policies. So that’s another built-in value we have right now.
And just looking at, there are a lot of aha moments just looking at our interface, how easy we make it to, like these bubble charts we have, how easy we make it for the admins to figure out what’s going on. And the analytics we have, the access visibility is another part of our UI here, which basically shows which user groups are accessing what in detail, so that also allows the admin to figure out if and troubleshoot if there are any access issues. But I think the aha moment is. When they realize how easy it is to just install an open VPN connector. You know, configure a few applications. And then connect to any of our POPs.
Right, we have 30 POPs worldwide. Connect to any of our POPs and still get access to this application which is connected to one of the POPs. So you connect to Singapore, still you get access to the application hosted in a network that’s connected to Boston. We take care of all the routing, all the security, make it very easy for these IT teams to not worry about installing VPN servers, managing all of this themselves, just relying on us and getting things going very quickly.
Beau Hamilton (45:25.57)
Yeah, yeah, I would just say from my standpoint, everything it just, it’s very not only responsive, but yeah, it just user friendly. I mean, I have a background of reviewing mobile apps in great detail. And that was the biggest thing is just the UI was so important because, you know, if you’re not able to access a lot of the features and like intuitively access them and navigate them, then the capabilities are limited, right?
So I appreciate everything that you’ve shown us here in this demo. Again, obviously, there’s a lot of ground to cover and only so much time. But I think viewers will get a much better understanding of how this product works in action here. So I appreciate it.
Now, I want to have one more question for you, Rohit, maybe a couple more questions, actually, just to help us envision the future of Cloudconexa and OpenVPN. You mentioned some of the kind AI agentic capabilities coming down the pipeline on the roadmap for the company. Do you have any other exciting innovations or announcements coming up you’d like to share?
Rohit Kalbag (46:37.409)
Yeah, definitely. We are continuously working to improve our products. And before CloudConnexas, some of the things that we are working on for Access Server, which is our self-hosted solution. And that’s very important because a lot of companies like to have total control over their infrastructure. So they want a self-hosted solution that, you know, they can control they can manage they know where it’s located, specially with data sovereignty and privacy and highly regulated companies and things like that. So one of the improvements we are going to release pretty shortly is we and you just spoke about how important UI is. So we are doing a completely new refresh on the UI for.
So we are modernizing it, giving it a new look and feel very close to what you are seeing here with CloudConnexa. We are bringing some of the functionality that would have probably required the admin to enter some CLI commands. We are exposing that to the UI. And that’s the major thing that’s coming pretty soon. That’s a quick teaser.
Beau Hamilton (48:07.886)
That’s exciting. Yeah, I know. When users hear about a UI refresh, some of them can, rightfully so, get kind of nervous because they know how something looks and feels. They know how to get around. But I think when it comes to this update and just seeing how well everything’s laid out with CloudConnexa here, I think there’s a lot of good reason to be excited for a UI refresh.
Rohit Kalbag (48:36.381)
Yeah, yeah. And then moving on to what’s in the near future for Access Server is that right now, just to give you background, because Access Server is self-hosted, the portal, the administration portal, runs on the server itself. So the admin needs to open their browser to the URL of the server log in and then go about configuring it. But what we are planning to do is kind of cloudify a bit. So just like CloudConnexas everything is run through a central portal. We are going to have a portal centralized portal hosted by us managed by us that the admins can now connect to and configure and use. And it will remotely configure the access server that’s self-hosted.
So what that does is it provides instant value because now, instead of using the IP address, there will be a sub-domain assigned. So automatically, they get a domain name. They get a SSL certificate. So errors like those scary errors like, hey, this is a self-signed certificate. Don’t use it. Don’t go to this website. All of that goes away. And then, of course, if you have multiple instances of access server, it becomes more convenient to manage and monitor them all through a central place rather than logging in through each of their administrative portals.
Yeah, that’s something we are going to work on. And then for OpenVPN as a protocol, we are going to do some major innovation there. We are going to make it have or be able to do peer-to-peer communication. And it will have multiple data channels. So basically, think of the OpenVPN client can simultaneously have a data channel to one server which is self-hosted. And another, let’s say a CloudConnexa a point of presence that it can just send the internet traffic to there so that the CloudConnexa can use IDS IPS or just send DNS traffic over there so that the content filtering works.
So all of this will happen simultaneously. And then we are going to bring that into CloudConnexa so that we’ll have a CloudConnexa gateway that can be self-hosted because now the clients can directly connect to it with what we call MDC, multiple data channel support for OpenVPN and also communicate with other CloudConnexas regions. So that’s something really big, something that we are really excited to be working on.
Beau Hamilton (52:16.866)
Now, do you have a rough timeline for when some of these features are gonna come out? Obviously, you don’t wanna rush them out and they take time to develop, but how soon can we expect some of them?
Rohit Kalbag (52:31.785)
So the access server new UI is fairly soon. Fairly soon to me means within three months. Yeah. And the cloudification will be much longer. Probably a longer time scale is six months plus. And the open VPN data channel, multiple data channel support. I don’t have a timeline in its genesis. And being community work, it depends on a lot of people getting together and driving it forward. But we do have definite plans for that.
Beau Hamilton (53:20.686)
Now, if there’s one key takeaway from the CloudConnexa demo that you’d like to leave listeners with, and Sean, feel free to chime in here as well. But if there’s one key takeaway, what might that be just to kind of resonate with listeners and give them one final takeaway?
Rohit Kalbag (53:51.38)
For me, would be, just give it a try. We have a free plan. And as soon as you sign up, the virtual network is ready for your use. So just go ahead and give it a try.
Sean Golriz (54:13.731)
Yeah, I just want to add one more thing here because when I talk to people, some people, see this with a lot of features and they get like little bit overwhelmed. It’s very simple. The simplicity in this application is just unimaginable. So just give it a try and you can see. as I said, we have weekly demo that happens twice a week and other resources that we can help users to get up and running the way they want.
Beau Hamilton (54:39.466)
Excellent. Now, for those interested in CloudConnexas or Access Server, and maybe they want to schedule a consultation, or maybe they just want to learn more about the platform, where should they go? Where should you send them?
Sean Golriz (54:52.675)
Well, if they go to our website, we have obviously a lot of documentation and tutorials, but if they want to see a demo, Rohit and I, we do twice a week demos for each application that they can sign up for it or register pretty quick on the website. And we have a one-on-one demos also that’s designed for small businesses, enterprises that they can do. But if they just want to get a general idea about how the things works, how to get it up and running, or configure certain things, they can just join us on those weekly demos on Tuesdays and Thursdays.
Rohit Kalbag (55:29.265)
So go to openvpn.net.
Beau Hamilton (55:33.688)
Perfect. Okay. openvpn.net. Tuesdays and Thursdays are the weekly demos. Very, very exciting. All right. Well, thank you guys so much. Thank you Rohit and Sean for showing us the CloudConnexa platform from OpenVPN. I really appreciate it.
Rohit Kalbag (55:48.743)
Thank you.
Sean Golriz (55:48.818)
Thank you very much.
Beau Hamilton (55:51.022)
Thank you all for watching this Product Demo Showcase. I’m your host, Beau Hamilton. Make sure to subscribe to stay up to date with all of our upcoming B2B software related podcasts and product demos. I will talk to you in the next one.