This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

How-to guides

The user can create the service by entering the required information for using the Secured VPN (Virtual Private Network) service through the Samsung Cloud Platform Console.

Secured VPN Create

You can apply for and use the Secured VPN service from the Samsung Cloud Platform Console.

To request the creation of a Secured VPN service, follow the steps below.

  1. All Services > Security > Secured VPN Click the menu. Go to the Secured VPN Service Home page.

  2. Service Home page, click the Secured VPN Service Request button. Navigate to the Support Center > Service Request List > Service Request page.

  3. Service Request page, enter or select the relevant information in the required input fields.

    • In the task category, select Secured VPN creation.
      Input ItemDetailed Description
      TitleEnter the title of the service request content
      • Example: Secured VPN service creation request
      RegionSelect the location of Samsung Cloud Platform
      • Automatically filled with the region corresponding to the Account
      ServiceSelect the service category and service. If the Secured VPN service request button is pressed, it is entered automatically
      • Service Category: Security
      • Service: Secured VPN
      Task CategorySelect the type you want to request
      • Secured VPN creation: select when requesting a new service
      ContentGuidance on creating and applying basic customer information
      • Content to write: End customer/MSP information
      AttachmentUpload the completed Secured VPN service application form (required) and any additional files you wish to share
      • Each attached file can be up to 5 MB, with a maximum of 5 files
      • Only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, tif files can be attached
      Table. Secured VPN Service Creation Request Items

  4. After checking the application process and reference information, click the Form Download > Service Request Form Download button to download the Secured VPN Service Application Form.

  5. Secured VPN service application form please fill it out.

    • Refer to the item descriptions in the Application Information and Control Information tabs, and fill out the required items.
      CategoryDetails
      Application InformationFill in required items such as application type, usage period, basic information, etc.
      • Application type: select application
      • Usage period: enter desired start date
      • Guaranteed bandwidth: select bandwidth
      • Basic information: enter Account name, Project name, recipient information
      Control informationCommon application information, same model/different model connection application information, etc. Fill required items (need to specify purpose per IP)
      • Same-model connection application information: when connecting SECUI equipment
      • Different-model connection application information: when connecting equipment other than SECUI
      Table. Secured VPN Service Creation Application Form Main Contents

  6. Attach the completed application form in the attachment area.

  7. On the service request page, click the Request button.

    • When the application is completed, check the submitted details on the Support Center > Service Request List page.

  8. After the monitoring officer verifies the submitted service request, the process for using the service proceeds.

  9. Secured VPN service will be launched.

Secured VPN Cancel

If you want to request termination of Secured VPN service, follow the steps below.

  1. All Services > Management > Support Center Click the menu. Support Center > Service Home Navigate to the page.
  2. Support Center Service Home on the page click the Service Request button. Service Request List page navigate.
  3. Service Request List page, click the Service Request button. Service Request page will be opened.
  4. Service Request page, enter or select the relevant information in the required input fields.
    • In the work category, please select Secured VPN termination.
      Input ItemDetailed Description
      TitleEnter the title of the service request content
      • Example: Secured VPN Service Termination Request
      RegionSelect the location of Samsung Cloud Platform
      • Automatically filled with the region corresponding to the Account
      ServiceSelect service category and service
      • Service Category: Security
      • Service: Secured VPN
      Task CategorySelect the type you want to request
      • Secured VPN termination: select if you want to terminate the service
      ContentGuidance on creating and applying basic customer information
      • Content to write: End customer/MSP information
      AttachmentUpload the completed Secured VPN service application form (required) and any additional files you wish to share
      • Each attached file can be up to 5 MB, with a maximum of 5 files
      • Only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, tif files can be attached
      Table. Table. Secured VPN Service Termination Request Items
  5. Application Process and Reference Information after checking, click the Form Download > Service Request Form Download button to download the Secured VPN Service Application Form.
  6. Secured VPN Service Application please fill out.
    • Refer to the item descriptions in the Application Information and Control Information tabs, and fill out the required items.
      CategoryDetailed Content
      Application InformationFill in required items such as application type, usage period, basic information, etc.
      • Application type: select termination
      • Usage period: enter desired termination date
      • Guaranteed bandwidth: select the bandwidth applied for
      • Basic information: enter Account name, Project name, recipient information
      Control InformationWhen terminating the entire service, no input is required
      Table. Secured VPN Service Termination Application Form Main Contents
  7. Attach the completed application form in the attachment area.
  8. On the service request page, click the Request button.
    • When the application is completed, check the applied content on the Support Center > Service Request list page.
  9. After the monitoring staff verifies the submitted service request, if the monitored target IP is deleted, the termination process is completed.
    • Service termination takes 3 business days, including the cancellation request date.

1 - Secured VPN Construction Process Guide

To initiate the Secured VPN service, it is necessary to proceed with the installation of the branch VPN in the customer’s band and then perform the connection inspection work. However, if you have a directly operated VPN, you do not need to perform the connection inspection work. Please refer to the process below to apply for the Secured VPN service.

Caution
When using the Secured VPN service, please check the restrictions.
Configuration Diagram
Figure. Secured VPN Construction Process

1. Samsung Cloud Platform Console work (MSP performance)

  1. Apply for Direct Connect.
  2. Create a connection target VPC and DCon-VPN connection.
  3. Apply for Uplink line.
  • Application purpose: This is a setup work for communication between the customer’s Office (On-premise) and the customer VPC within the Samsung Cloud Platform.
    • Application path: Console > Support Center > Service Request should be selected.
    • Service: Networking > Direct Connect
    • Work classification: Uplink line application
    • Please inquire about the construction period and Uplink line work schedule through Console > Support Center > Contact Us.
  1. Set up routing, such as Firewall, Security Group, Direct Connect, etc.

2. Routing and Firewall Settings (Customer Implementation)

  1. Set up routing between the customer’s Office internal subnet and branch VPN, and configure the customer’s firewall. Prior consultation is required for routing and firewall settings. (SDS → MSP → Customer Company)
  2. Set up the Samsung Cloud Platform bandwidth and the customer’s Office bandwidth to allow for two-way communication.

3. Installation of customer’s VPN equipment and tunnel opening (MSP/SDS performance)

When installing VPM equipment for customer companies, you can use SDS equipment for rent or use your own equipment. Please check the process suitable for the situation.

Case 1) Using the branch VPN equipment as SECUI leased equipment provided by SDS

  1. Check the specifications, quantity, schedule, and installation location of the leased VPN equipment.(MSP→SDS)
  2. Request to create a pre-installation environment survey for VPN installation.(SDS → MSP)
  3. Visit the customer’s site and install SECUI leased VPN equipment.(SDS)
  4. Open a tunnel between the branch VPN and the center VPN.(SDS)

Case 2) When using the branch VPN equipment as the customer’s own equipment

  1. Check the specifications and schedule of the branch VPN equipment.(MSP→SDS)
  2. Request equipment compatibility, IPSec VPN license/equipment settings. (SDS → Customer/MSP)
  3. Open a tunnel between the branch VPN and the center VPN.(Customer/SDS)
Reference
  • In case the customer requests a VPN installation work plan, please inquire through Console > Support Center > Contact Us or mssp.scp@samsung.com.
  • Please proceed with the work in compliance with the National Intelligence Service VPN installation guide and security review standards.

4. End-to-End test (MSP/SDS execution)

  1. Check and share the test schedule after installing the branch VPN equipment (or setting up existing equipment) and share it. (SDS → MSP)
  2. Check the communication between the branch VPN device and VPC (both directions).
Caution
The End-to-End test may fail due to reasons such as not applying for an uplink line, customer routing and firewall setting errors, etc.