
Show HN: Portal Cloud – VPN Service for Teams - jeff393
https://portal.cloud/#
======
jeff393
Hi everyone, Co-founder of Portal Cloud VPN here.

Thanks for checking us out! We're about halfway through YC Startup School, and
it's been an incredible experience so far (particularly getting to know/learn
from our group). We just launched Portal Cloud VPN two weeks ago, and our goal
is to enable teams to securely access private company resources (internal web
apps/production servers etc..), and help remote employees or contractors
secure their internet traffic.

We think all professionals & remote employees should be using a business-
quality VPN, and would love to hear what you think (positive, or critical).

Thanks, Jeff@portal.cloud

~~~
gravypod
What traffic do you inspect and log? If someone works in an industry like
healthcare could you sign a BAA?

~~~
jeff393
We don't inspect or log any customer traffic, and we treat your VPN server as
private and confidential. We aren’t currently able to sign a HIPAA BAA, but
we’re working on being able to do so in the future.

------
akerl_
It seems like when this talks about "enabl[ing] teams to access private
company resources", it means "access 3rd party cloud services that support IP
whitelisting"? For example, if I set up another service on the internet to
only allow connections from the dedicated VPN server IP. But it wouldn't let a
remote employee access a service running in the company's office LAN. Am I
misreading that?

Additionally, what protections are in place to ensure Portal Cloud staff
aren't monitoring the traffic or accessing a customer's "private company
resources"?

~~~
jeff393
Yes, that's right. We're referring to IP whitelisting there. We're also adding
(very shortly) site-to-site VPN connections, so users can link their AWS/GCP
VPC or even a traditional office/datacenter LAN.

Even with a VPN, any sensitive services should have their own auth and logging
enabled. Requiring a VPN doesn't remove the need for other forms of security,
but it does add a very effective layer of security. We also have a strong
business incentive not to violate the trust of our customers. We're hoping to
prove that we can be trusted over time, and to use technology to reduce the
need for trust.

------
photonios
Does this tunnel all internet traffic through the VPN or has it the option to
only tunnel traffic to certain addresses?

Our current OpenVPN set up involves whitelisting addresses for which traffic
needs to go through the VPN. All other traffic goes around the VPN. Does
Portal Cloud VPN support a set up this?

------
raresp
You're offering a good service. Many dev and QA teams are looking for this
kind of solutions.

------
JoshuaAshton
I don't see the point considering it takes about 5 minutes to setup OpenVPN on
a server? Am I missing something?

------
orev
Is this different from a regular VPN? I’m not getting it from the web site how
“Team VPN” is different from a regular one.

~~~
jeff393
The biggest difference is that you really do get your own private server
running the OpenVPN and WireGuard daemons. Your team members get accounts on
your server but no else does. Your server has a dedicated IP address for
whitelisting, auto-scales with usage, and has no artificial limits on number
of users you can add (though we do have recommendations for performance).

We're also adding site-to-site links with AWS/GCP VPC very soon and have
transparent pricing.

The consumer VPN providers are pretty good for what they're designed for but
are generally lacking the features businesses need. And the business VPNs are
generally much worse to buy and use. We're working to build a consumer-quality
business VPN.

Thanks for the question!

~~~
orev
Ok, so you’re comparing the service to standard consumer “anonymizing” VPNs,
which no real business would be using. You’re probably better off (and need to
address in your value proposition) comparing to VPNs provided by standard
firewalls that would normally be used in a business, like Cisco AnyConnect,
etc. That’s what your real competition is.

~~~
fulafel
Corporate VPNs are mostly used by old businesses thar have a lot of legacy
infrastructure on the "internal network". That market may be hard to crack and
it's an obsolete model, thus a shrinking market.

