OpenVPN Business VPN | TechRadar
feature
For businesses looking for a cloud-delivered service to help them connect private networks, devices and servers, there is a CloudConnexa offering on OpenVPN. CloudConnexa provides cloud-based VPN services designed to make secure networking simpler for businesses. It provides secure access to applications, private networks, remote workers and IoT devices without the management of complex hardware or server software, thus avoiding the issues of complex configuration.
Standout features include ZTNA for enhanced security, a fully meshed network that allows seamless connectivity between all users and resources, and Cyber ​​Shield to defend against malicious content by blocking potential threats before they reach the network.
Another feature of OpenVPN is its Access Server, a self-hosted secure access solution. This certainly provides more control over the network and underlying resources, but requires more technical knowledge. Access server can be installed:
- As a package on Linux servers Ubuntu LTS, Redhat, Debian, Amazon Linux
- As a cloud image on AWS, Digital Ocean, Azure, GCP, Oracle
- As a virtual appliance on VMware ESX or Microsoft HyperV
Once set up, you can provide connectivity to devices from all your devices through a variety of VPN clients operating systemdesktop or mobile device. The user authentication process is highly versatile, offering built-in systems with web-based management or integration with external authentication methods such as PAM, LDAP, RADIUS or SAML. For advanced authentication needs, you can even implement custom programming using Python.
You can create access control rules to specify user or group access to specific IP addresses and subnets, and even determine which devices can make direct VPN client connections. For routing options, Access Server offers full tunnel and split tunnel redirection, giving you the flexibility to route all Internet traffic through the VPN or only specific traffic, depending on your security and bandwidth requirements.
All of the above only scratches the surface of the complex and granular configurations you can do with OpenVPN.
Pricing and plans
If you’re not sure what OpenVPN is, or you just want to test it out, you can use the free plan to set up three connections. However, if you wish to create a self-hosted solution, the number of connections for the free plan is two. The next plan, called “Growth,” costs $14 per connection per month; you can get a discount if you choose annual billing, which costs $11 per connection. The last plan, Enterprise (more than 500 connections) requires you to contact us for a quote.
It’s important to note that if you choose a self-hosted solution vs. CloudConnexa, there are different capabilities. With the self-hosted option, you get full support for IPv4 and IPv6 connections, advanced security settings such as FIPS compliance, and multiple authentication options including SAML, LDAP, and RADIUS. This option gives you detailed access logs, powerful routing capabilities (such as application-based domain routing), and the ability to handle overlapping IPs, making it ideal for enterprises that require maximum customization and control.
CloudConnexa, on the other hand, still has core features like IPv4 support, basic routing capabilities, and standard authentication methods. However, some advanced features, such as full IPv6 support, DNS logging, and some location control policies, are still in development. If you want a simpler hosting solution that still meets basic network and security needs but doesn’t require the infrastructure management responsibilities of a self-hosted setup, CloudConnexa is ideal.
Performance
OpenVPN prides itself on its strong security features, but it falls short when it comes to speed. Some of this is due to the complex server-side configuration options available, other reasons are due to the protocol itself being a bit slower than its competitors. For example, WireGuard is more than 20% faster on average, while still leveraging sophisticated encryption techniques for security purposes.
All in all, if speed is the most important factor, OpenVPN may not be the best choice, however, we recommend trying the free version to test the features and speed before deciding if it’s right for you. We’re not trying to say it’s the slowest protocol or that it’s unusable, just that it’s slower than other solutions on the market.
Privacy and security
Security is one of OpenVPN’s biggest advantages. Start with strong AES-256 and Blowfish encryption. Additionally, it provides fully automated VPN certificate configuration and management. For enterprises that want complete control of their public key infrastructure (PKI), they can do so using an external PKI system. VPN tunnels are secured with TSL authentication, credentials, certificates, and optional MAC address lock.
Supports multiple forms of multi-factor authentication, built-in TOTP MFA, and other external authentication methods mentioned earlier. However, if you have a service like Duo Security or LastPass, you can add them using a post-authentication plug-in. Additionally, perfect forward secrecy (PFS) is supported, which means that even if the encryption key is compromised, past communications will not be decrypted.
alternative
A potential alternative for more tech-savvy users is Remote VPNsimilar to OpenVPN, is not a typical VPN service. That said, Radmin is, first and foremost, completely free and a great choice for creating a virtual LAN through which resources can be shared. It doesn’t have advanced features to speak of, but it complements other services that include firewall-as-a-service models, antivirus, anti-phishing, and malware solutions very well. It uses the same encryption protocol as OpenVPN, but is less complex and advanced in terms of security. Whether Radmin VPN is a good alternative will depend on whether you need a virtual LAN component or a comprehensive ZTNA solution.
For a one-stop ZTNA solution that doesn’t require much technical knowledge and suits your needs, you can turn to North floor. NordLayer provides firewall, internet protection and more without compromising on speed. In terms of pricing, it’s very competitive with OpenVPN, and depending on the size of your company, may be the better choice overall.
final verdict
For those new to the subject, it can be difficult to fully understand what OpenVPN is all about. Although it is a communication protocol, it is also a VPN in the full sense. If you choose to self-host, a significant amount of technical knowledge is required, as is the case with most complex ZTNA implementations. On the other hand, it offers a cloud-hosted variant that is easier to implement and offers most of the options found in a self-hosted environment. Of course, some advanced features are still in development, but thanks to the open source concept, we’re sure updates will be quick.
Overall, whether OpenVPN is the right choice for you depends largely on your unique needs and the availability of technical staff capable of implementing it properly. Of course, there are also pricing factors and performance to consider. All in all, OpenVPN is a solid choice for companies looking to implement a ZTNA approach and protect their remote employees and company assets.
