Overview#

Evon Hub is a VPN application that allows you to build an overlay network. An overlay network is a virtual network, similar to a LAN, that is built on top of another network such as the Internet. In short, it provides a way of connecting disparate systems together, no matter where they are, as if they were on a simple, local network. Evon can create such an overlay network from servers, PC’s and devices of various types. The overlay network can then be used for remote access to any connected computer via your own desktop or device, or to allow systems to communicate with eachother for file sharing, monitoring, remote management, centralised logging or any network service. It can even provide unrestricted internet access to systems that may be otherwise constrained, by for example adding a web proxy server to your overlay network and having other systems use it.

Evon uses OpenVPN under the hood to create the overlay network. There are many overlay network products out there, many of which use the more modern Wireguard protocol rather than OpenVPN. One of the main drawcards of OpenVPN is its ability to work in any environment where only TCP/443 is open (whereas Wireguard uses UDP only). Thus, servers are able to connect to your Evon Hub even if they are themselves behind a web proxy server. While Wireguard is a newer, simpler and faster protocol, OpenVPN provides unique features that may be required in some environments. It is also possible to join overlay networks of different types together, so that you can get the best of both worlds.

Basic Architecture#

Many Wireguard-based overlay networks support a peer-to-peer meshed topology, whereas Evon’s implementation using OpenVPN uses a hub-spoke topology. While meshed networks yield faster transfer speeds, the hub-spoke architecture used by Evon allows for a simple connectivity and rules framework that governs allowed communications between connected systems.

All connected devices obtain a static IPv4 address on the 100.x.y.z network subnet that you can choose when deploying your Hub. Attached servers also obtain their own globally resolvable DNS domain name in the form <hostname>.<yourcompany>.evon.link. Connected systems can reach eachother using these domain names.

Some Example Use Cases#

Use Evon Hub to:

  • Securely access your private servers and devices from anywhere using SSH, RDP, VNC or any other IP protocol

  • Give others (eg. support staff, contractors) access to only a limited set of systems or services

  • Expose private services like intranet websites, file servers, game servers, etc to trusted users or staff

  • Creating an Internet proxy server node and providing unrestricted Internet access to other systems via your overlay network

  • Deploy a monitoring server such as Zabbix and monitor any system connected to your Hub

  • Avail centralised logging for all connected systems

  • Segregate your environments (dev / staging / production) into server groups and provide access to authorized groups of users

  • Use your overlay network for orchestration purposes using tools like Ansible, Puppet, Chef, etc

  • Join any system that supports OpenVPN including Windows, Linux, Mac and mobile devices