This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

How-to guides

Users can create the service by entering the required information for using the Secured VPN (Virtual Private Network) service through the Samsung Cloud Platform Console.

Create Secured VPN

You can apply for and use the Secured VPN service from the Samsung Cloud Platform Console.

To request the creation of a Secured VPN service, follow these steps.

  1. Click the All Services > Security > Secured VPN menu. You will be taken to the Service Home page of Secured VPN.

  2. On the Service Home page, click the Secured VPN Service Request button. Navigate to the Support Center > Service Request List > Service Request page.

  3. Service Request page, enter or select the required information in the mandatory input fields.

    • In the task category, select Secured VPN creation.
      Input fieldDetailed description
      TitleEnter the title of the service request
      • Example: Secured VPN Service Creation Request
      RegionSelect the location of the Samsung Cloud Platform
      • Automatically filled with the region corresponding to the Account
      ServiceSelect the service category and service. If you click the Secured VPN service request button, it is entered automatically
      • Service Category: Security
      • Service: Secured VPN
      Task classificationSelect the type you want to request
      • Create Secured VPN: select when requesting a new service
      contentCustomer Basic Information Entry and Application Process Guide
      • Content: End Customer/MSP Information
      AttachmentIf you have a completed Secured VPN service application (required) and any additional files you wish to share, proceed with the upload
      • You can attach up to 5 files, each no larger than 5 MB
      • Only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, and tif files are allowed
      Table. Secured VPN service creation request items

  4. After reviewing the application process and reference information, click the Form Download > Service Request Form Download button to download the Secured VPN Service Application Form.

  5. Please fill out the Secured VPN Service Application Form.

    • Refer to the item descriptions in the Application Information and Monitoring Information tabs and complete the required fields.
      CategoryDetailed description
      Application InformationComplete required fields such as request type, usage period, and basic information
      • Application type: select application
      • Usage period: enter desired start date
      • Guaranteed bandwidth: select bandwidth
      • Basic information: enter Account name, Project name, recipient information
      Monitoring informationCommon application information, same-model/different-model connection application information, etc., fill in required items (specify usage per IP)
      • Same-model connection application information: when connecting SECUI equipment
      • Different-model connection application information: when connecting equipment other than SECUI
      Table. Main contents of the Secured VPN service creation request form

  6. Attach the completed application form in the attachment area.

  7. Click the Request button on the service request page.

    • After the request is completed, check the submitted details on the Support Center > Service Request List page.

  8. After the monitoring personnel review the submitted service request, they proceed with the process to use the service.

  9. Secured VPN service will be launched.

Terminate Secured VPN

To request termination of the Secured VPN service, follow the steps below.

  1. Click the All Services > Management > Support Center menu. Go to the Support Center > Service Home page.
  2. On the Support Center Service Home page, click the Service Request button. You will be taken to the Service Request List page.
  3. On the Service Request List page, click the Service Request button. You will be taken to the Service Request page.
  4. Service Request page, enter or select the required information in the mandatory input fields.
    • In the task category, select Secured VPN termination.
      Input fieldDetailed description
      TitleEnter the title of the service request
      • Example: Secured VPN Service Termination Request
      RegionSelect the location of the Samsung Cloud Platform
      • Automatically filled with the region corresponding to the Account
      ServiceSelect service category and service
      • Service Category: Security
      • Service: Secured VPN
      Task classificationSelect the type you want to request
      • Terminate Secured VPN: select if you are terminating the service
      contentGuide to Entering Customer Basic Information and Application Process
      • Content: End Customer/MSP Information
      AttachmentIf you have a completed Secured VPN service application (required) and any additional files you wish to share, proceed with the upload
      • You can attach up to 5 files, each no larger than 5 MB
      • Only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, and tif files can be attached
      Table. Table. Secured VPN Service Termination Request Items
  5. After reviewing Application Process and Notes, click the Form Download > Service Request Form Download button to download the Secured VPN Service Request Form.
  6. Please fill out the Secured VPN Service Application Form.
    • Refer to the item descriptions in the Application Information and Monitoring Information tabs, and fill out the required fields.
      CategoryDetailed description
      Application InformationComplete required fields such as request type, usage period, and basic information
      • Request type: select termination
      • Usage period: enter desired termination date
      • Guaranteed bandwidth: select the bandwidth you applied for
      • Basic information: enter Account name, Project name, and recipient details
      Monitoring informationWhen terminating the entire service, no input is required.
      Table. Main contents of the Secured VPN service termination request form
  7. Attach the completed application form to the attachment area.
  8. Click the Request button on the service request page.
    • Once the request is completed, verify the submitted information on the Support Center > Service Request list page.
  9. After the monitoring team reviews the submitted service request, the termination is completed once the monitored IP is deleted.
    • Service termination requires three business days, including the cancellation request date.

1 - Secured VPN Build Process Guide

To launch the Secured VPN service, you need to install a branch VPN in the client’s network and then perform an integration check. However, if you have a VPN that you operate directly, the integration check is not required. Refer to the process below to apply for the Secured VPN service.

Caution
Be sure to check the restrictions when using the Secured VPN service.
Diagram
Figure. Secured VPN deployment process

Samsung Cloud Platform Console task (perform MSP)

  1. Apply for Direct Connect.
  2. Create a VPC and DCon-VPN connection for the connection target.
  3. Apply for Uplink line.
    • Purpose of request: Configuration work to enable communication between the customer’s Office(On-premise) and the customer’s VPC within the Samsung Cloud Platform.
    • Select the application path: Console > Support Center > Service Request.
      • Service: Networking > Direct Connect
      • Task Category: Uplink line request
    • For the construction lead time and Uplink line work schedule, please inquire via Console > Support Center > Contact.
  4. Set up routing for Firewall, Security Group, Direct Connect, etc.

Routing and firewall configuration (client performed)

  1. Configure routing between the client’s Office internal network and the branch VPN, and set up the client’s firewall.
    • Prior consultation is required for routing and firewall configuration. (SDS → MSP → customer)
  2. Configure the Samsung Cloud Platform segment and the client Office segment for bidirectional communication.

Installation of client VPN equipment and tunnel activation (MSP/SDS performed)

When installing the customer’s VPM equipment, you can either rent equipment from SDS or use your own equipment. Check the process that applies to your situation.

Case 1) When using the branch VPN device as a SECUI rental device provided by SDS

  1. Check the specifications, quantity, schedule, and installation location of the leased VPN equipment. (MSP→SDS)
  2. Please request the preparation of a pre‑installation environment survey for VPN. (SDS → MSP)
  3. Visit the client site and install the SECUI rental VPN equipment. (SDS)
  4. Open a tunnel between the branch VPN and the center VPN. (SDS)

Case 2) When using the branch VPN device as the customer’s own equipment

  1. Check the branch VPN equipment specifications and schedule. (MSP→SDS)
  2. Request equipment compatibility and IPSec VPN license/equipment setup. (SDS → client/MSP)
  3. Establish a tunnel between the branch VPN ↔ center VPN. (Customer/SDS)
Reference
  • If the client requests a VPN installation work plan, contact via Console > Support Center > Contact or mssp.scp@samsung.com.
  • Proceed with the work in compliance with the National Intelligence Service VPN installation guide and security review standards.

End-to-End test (perform MSP/SDS)

  1. Verify and share the test schedule after installing the branch VPN equipment (or configuring existing equipment). (SDS → MSP)
  2. Verify communication between the branch VPN device and the VPC (bidirectional).
Caution
Uplink line not requested, customer routing and firewall configuration errors, etc., can cause the End-to-End test to fail.