How to Connect Softdrive Cloud PCs to Your Network

Accessing On-Prem Resources
Our vision

Introduction

If you are in the middle of migrating to the cloud, or if you are using a hybrid-cloud model, you may have resources outside of Softdrive that you would like to access on Softdrive Cloud PCs. Some examples include:

There are two ways to get access to another network from Softdrive Cloud PCs:

  1. Using a VPN client
  2. Using a site-to-site VPN

Using a VPN Client

Using this model, you can consider Softdrive Cloud PCs to be like company-issued laptops that you would provide to an employee so that they could work from home.

A VPN client connects a user or device to a VPN server. This server can be part of the network you would like to grant access to, such as your office's network.

If access to on-prem AD domain controllers is a requirement, i.e. to log in to your domain in order to log in to Windows, we would recommend using a VPN that can run on the Windows login screen.

Using a Site-to-Site VPN

Using this model, you can consider Softdrive Cloud PCs to be part of a satellite office.

A site-to-site VPN connects one network to another network, rather than connecting a device to a network. With a Softdrive Team LAN, all of your company's Cloud PCs will be part of the same network, and this network can be granted access to another network using a site-to-site VPN.

A site-to-site VPN only needs to be configured once to connect your current and future Cloud PCs to your network.

To configure a site-to-site VPN, please see the Networks tab of your Softdrive management dashboard.

Zero-Trust Network Architecture

The core of the Zero-Trust Network Architecture philosophy is that access to a network does not imply authentication: even if you are connected to a corporate network, or using a VPN, you still need some other form of authentication to access services.

Many organizations have looked to pursue a Zero-Trust architecture in order to increase security by restricting the impact of network breaches, or to prepare to transition to a cloud or hybrid-cloud model.

One approach to Zero-Trust involves eliminating VPNs altogether, and using a more fine-grain access approach. You could think of this as a "per-app" or "per-port" VPN rather than granting blanket access to your network. With this approach, you would not need to use either of the VPN options mentioned above, as resource-access would be handled by your Zero-Trust or Software-Defined Networking (SDN) software instead.

Alternatively, if you continue to maintain an internal network with a Zero-Trust model, the security concerns with a network breach are greatly reduced. In this case you may be more comfortable pursuing a VPN that is always connected, such as a VPN Client with no timeout, a VPN Client with cached credentials, or a site-to-site VPN. Always-connected VPNs are more user-friendly as they do not require frequent re-authentication.