Last updated: February 2026
CloudConnexa is a cloud-delivered secure networking service that provides zero trust network access (ZTNA) and essential security service edge (SSE) capabilities. It enables remote, hybrid, and in-person workforces to securely work from anywhere, giving businesses greater flexibility without added risk.
Key capabilities include:
- Secure remote access to private networks and resources with continuous zero-trust enforcement
- Prevention of lateral movement, ensuring connections originate from trusted devices and locations
- The ability to turn SaaS tools into private applications, reducing your attack surface and rendering stolen credentials useless
- Built-in IDS/IPS and content filtering to block cyber threats and unwanted content
How CloudConnexa Works
When you sign up for CloudConnexa, a virtually dedicated worldwide private network — called a Wide-area Private Cloud (WPC) — is created exclusively for your organization. It spans more than 30 worldwide points of presence (PoPs) across 6 continents, connected in a full-mesh topology for high performance and redundancy.
You can connect your applications and networks to these PoPs using IPsec or OpenVPN, via the OpenVPN Connector software, lightweight virtual machines, or compatible routers. Your workforce then accesses these applications by installing the OpenVPN Connect app on their devices and connecting to the nearest PoP.
Features
Simple Administration
| Feature | Description |
|---|---|
| Administration Web Portal | A user-friendly interface for managing networks, devices, access controls, and more. |
| Configuration Wizards | Point-and-click configurations for networks, hosts, IDS/IPS, and content filtering. |
| Application Sharing (AppHub) | A secure extranet for sharing private applications with other businesses and departments, giving them access to necessary data or services. |
| OpenVPN Connect Client OS Support | Clients available for Android, iOS, Windows, and macOS. |
Connectivity
| Feature | Description |
|---|---|
| IPv4 and IPv6 Support | Supports a growing number of IoT devices and networks without dual-stack devices or workarounds. |
| Data Channel Offload (DCO) | Increases VPN speed and performance by relocating data channel encryption/decryption to kernel space. |
| OpenVPN and IPsec Protocol Support | Connects networks to CloudConnexa PoPs using OpenVPN or IPsec, both with broad support across networking equipment. |
| Global Presence (30+ PoPs) | High-bandwidth core network of PoPs across 6 continents, each with high-performance, multi-tenant servers. |
| Full-Mesh Topology | Multiple connection paths and direct routes across 30+ worldwide PoPs for increased redundancy and reduced latency. |
| Full Application Support (TCP, UDP, IP) | Supports any application communicating over TCP and UDP. |
Actionable Visibility
| Feature | Description |
|---|---|
| Access Visibility | Visibility into which private resources are accessed and by whom, eliminating security blind spots. |
| DNS Log | Captures all DNS resolution requests, showing domains visited and whether requests were successful, blocked, or failed. |
Authentication
| Feature | Description |
|---|---|
| LDAP and SAML Support | Centralizes user management and provides secure Single Sign-On (SSO) access. |
| SCIM Support | Automates user provisioning and deprovisioning between CloudConnexa and your identity provider. |
| Passwordless Authentication (Passkey) | Replaces passwords with phishing-resistant cryptographic passkeys for faster, more secure login. |
| Multi-Factor Authentication | Adds an extra layer of security via email or an authenticator app (e.g., Google Authenticator). |
| Custom Password Policies | Enforces complexity requirements, compromised password checks, and credential history rules. |
Built-in Security
| Feature | Description |
|---|---|
| Device Profile Lock | Prevents transfer of an authorized device's OpenVPN profile to reduce your attack surface. |
| Device Posture Policies | Ensures devices meet predefined rules (OS version, antivirus, disk encryption, etc.) before connecting. |
| Location Context Policies | Allows or blocks connections based on IP address range or country geolocation. |
| Built-in IDS/IPS (Cyber Shield) | Automatically monitors and blocks malicious traffic by category or threat priority. |
| Content and Web Filtering (Cyber Shield) | Blocks domain resolutions for 43 categories of undesirable or unsafe websites, with customizable allow/block lists. |
| Access Groups | Defines which user groups and networks can access specific hosts, networks, applications, and IP services. |
Advanced Routing
| Feature | Description |
|---|---|
| Domain-based Routing | Simplifies routing using domain names instead of IP subnets, resolving IP overlap issues. |
| Overlapping IP Address Support | Uses unique FQDNs to differentiate networks with overlapping IP addresses. |
| Smart Routing | Optimizes routes based on geographic proximity and network characteristics. |
| Restricted Internet Access | Blocks internet access — except to trusted destinations — for select user groups and networks. |
Automation & Logs
| Feature | Description |
|---|---|
| Log Streaming | Stores events from Access Visibility, Connection Status, Cyber Shield, and Audit Log into an AWS S3 bucket for SIEM integration. |
| Audit Log | Tracks all WPC modifications — what changed, who did it, and when — for troubleshooting and audits. |
| CloudConnexa API | Integrates with other systems to manage your WPC programmatically and automate workflows. |
| IaC using Terraform | Automates configuration, user management, and access control as code for consistency and scalability. |
Customer Testimonials
"The implementation team at CloudConnexa was a cut above. They were able to precisely guide me in configuration of IPSEC VPN tunnels using Unifi gateways. The system has continued working very well, providing reliable inter-cloud connectivity using SD-WAN."
"The process of installing OpenVPN is simple and secure. Once loaded I can connect to [my clients'] systems whenever they need help… Their portal is clear and easy to understand. Customer support is also quick and helpful."
"What I appreciate most is that every time the VPN is activated, the user must authenticate through Single Sign-On (SSO). This enables us to link all our critical systems to the VPN, and if necessary, we can easily revoke access by deactivating the user's main account using the SSO."
See what others are saying about CloudConnexa on G2.
© 2025 OpenVPN Inc. OpenVPN® and CloudConnexa® are registered trademarks of OpenVPN, Inc. | openvpn.net
Comments
0 comments
Article is closed for comments.