VNN for Virtual Infrastructure Based IDC  

Background:

Enterprises have long hosted their public servers, such as web servers, with an IDC. Now enterprises are starting to relocate their business servers as well, such as LDAP, SQL or SharePoint.

Issues:

When business servers are hosted with an IDC, keeping the hosted servers accessible becomes a challenge.

1. Security: Exposing a business server to the public is not appropriate. Setting up one VPN for one enterprise's multiple servers is an option, but it is not very scalable.

2. Access Control: When many servers are hosted with the IDC, restricting each enterprise so that it can only access its own servers and nothing else requires complicated configuration, if it is possible at all. Moving the hosted servers around in the IDC can make this more problematic and increase the long-term management cost.

Solution:

VNN is a peer-to-peer VPN. A central authentication server helps establish the virtual tunnel between the peers. The real network traffic goes directly between the peers. VNN uses the AES-256 algorithm to encrypt the network traffic.

Two layers of access control can be used to control access between the peers.

1. Built-in Tunnel Firewall: A centrally manageable firewall can be configured to allow access between the peers by port, IP and ID.

2. Domain: For each enterprise, one domain can be used. Only IDs belonging to the same domain can access each other. The IDs are in the form of web.sun.vnn, exchange.sun.vnn, mail.hp.vnn, lotus.hp.vnn, etc. The first two IDs belong to one domain, i.e. sun.vnn.

Typical Deployment:

1. Run the VNN Management Server on one of the servers in the IDC.
2. For each enterprise, assign a domain for it to use.
3. For each server belonging to an enterprise, assign an ID to it.
4. When a server signs in with its VNN ID, it is assigned a virtual IP.
5. The servers can freely communicate with each other, as long as their IDs are in the same domain.
6. For a server that only needs to be accessible on a certain TCP port, create the corresponding VNN Firewall Rule for it.
7. No matter how the hosted server's IP changes, its virtual VNN IP always stays the same, because it is tied to the VNN ID. This can be useful when the hosted server is in a virtual infrastructure.
8. The virtual tunnel can also be used by the enterprise's IT staff to remotely manage the hosted servers.
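
The two access-control layers from the Solution section and deployment steps 5 and 6, modelled as an added example (not VNN's own code or rule syntax). The `Rule` format, the `domain_of` and `is_allowed` helpers, and the evaluation order (domain check first; a server with no rules stays open to its own domain) are assumptions made for illustration.

```python
# Added illustration: a simplified model of the two access-control layers
# described above. Rule format and evaluation order are assumptions, not
# VNN's actual implementation.
from dataclasses import dataclass


def domain_of(vnn_id: str) -> str:
    """Return the domain part of an ID, e.g. web.sun.vnn -> sun.vnn."""
    labels = vnn_id.strip().lower().split(".")
    # Assumed ID shape, taken from the page's examples: <host>.<enterprise>.vnn
    if len(labels) != 3 or labels[2] != "vnn" or not all(labels):
        raise ValueError(f"malformed VNN ID: {vnn_id!r}")
    return ".".join(labels[1:])


@dataclass(frozen=True)
class Rule:
    """Hypothetical tunnel-firewall rule: dst accepts src on one TCP port."""
    dst_id: str
    port: int
    src_id: str = "*"  # "*" = any peer that already passed the domain check


def is_allowed(src_id: str, dst_id: str, port: int, rules: list) -> bool:
    # Layer 1 (domain): peers in different domains never reach each other,
    # so a wildcard firewall rule cannot open a cross-tenant path.
    if domain_of(src_id) != domain_of(dst_id):
        return False
    # Layer 2 (tunnel firewall): a server with no rules stays open to its
    # own domain; once it has rules, only matching traffic passes (assumed).
    dst_rules = [r for r in rules if r.dst_id.lower() == dst_id.lower()]
    if not dst_rules:
        return True
    src = src_id.lower()
    return any(r.port == port and r.src_id.lower() in ("*", src)
               for r in dst_rules)


# Constructed sample policy using the IDs quoted on the page.
RULES = [Rule(dst_id="exchange.sun.vnn", port=443)]

if __name__ == "__main__":
    for src, dst, port in [("web.sun.vnn", "exchange.sun.vnn", 443),
                           ("web.sun.vnn", "exchange.sun.vnn", 3389),
                           ("mail.hp.vnn", "exchange.sun.vnn", 443)]:
        print(src, "->", dst, port, is_allowed(src, dst, port, RULES))
```

Running the same check over every pair of issued IDs gives a quick audit that no rule set lets one enterprise's ID reach another enterprise's server.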

Case Study:

1. SanXin is an IDC based in Beijing, China.
2. They have several hundred hosted servers belonging to different enterprises.
3. They use VNN as a VPN SaaS for the enterprise admins to remotely maintain their hosted servers.
4. The benefits that VNN provides here are security and ease of access.