170 likes | 377 Views
Network Connectivity Options. Currently offered by Wyless. Option 1: Standard, no VPN. Mobile-originate traffic only Outbound traffic can be filtered by white listing IP addresses or ports (such as blocking all traffic except for customer's public-facing server)
E N D
Network Connectivity Options Currently offered by Wyless
Option 1: Standard, no VPN • Mobile-originate traffic only • Outbound traffic can be filtered by white listing IP addresses or ports (such as blocking all traffic except for customer's public-facing server) • Useful when there is no requirement to initiate a session to the cellular device
Option 2: PPTP VPN • Requires PPTP client on every host initiating session to the cellular device • Slightly less secure than IPsec VPN • Outbound traffic to internet can be filtered by white listing IP addresses or ports • Typically used for development or testing purposes • PPTP in Porthos account has access to all cellular connections in that account
Option 3a: Standard IPsec VPN • Only traffic intended directly for customer's LAN goes over the IPsec tunnel • Outbound traffic to internet can be filtered by whitelisting IP addresses or ports • Most popular and easiest type of IPsec to set up
Option 3b: Default-Gateway IPsec • All traffic goes through the tunnel to customer LAN • Customer can directly monitor/control cellular traffic out to internet themselves • Avoids customer IP addressing conflicts with Wyless network
Option 3c: GRE over IPsec VPN • Alternative to default-gateway IPsec • GRE allows use of dynamic routing protocols • “Split GRE” configuration can still allow cellular traffic directly to internet
Option 4: MPLS connectivity • alternative to GRE-IPSec • Requires customer provided router(s) and circuit(s) into our datacenter
Option 5: Public Static Addressing • Requires use of very limited public IP addresses • Allows mobile-terminate traffic without VPN • Least secure of any connectivity option • Outbound or inbound traffic can be filtered by whitelisting internet IP addresses or ports • Device is vulnerable to unsolicited bandwidth usage by random internet sources