UKCloud Ideas Community

The power behind public sector technology.

Post Idea

Filtered by Products

  • SteveW
    40
    Points
    SteveW   
    Currently there is no mechanism to failover public (or PSN) IP addresses between vDCs, to redirect traffic between 2 vDCs in a DR failover situation. Global Site Selection via DNS or manual DNS changes could be used to redirect traffic between 2 vDCs with different public IPs, but these options do have limitations (DNS caching etc).

    It would be useful to be able to advertise the same IP address/range from 2 different vDCs with BGP preferences plus interface tracking or health checks used to identify the preferred site and update the routing accordingly.

    Thanks
      Posted to Products  - Sub-category: Connectivity
  • Andy_W - UKCloud
    40
    Points
    Andy_W - UKCloud   

    One of the services we are seeing more and more call for on our Elevated platform is the desire to utilise trusted internet endpoints to support applications running in our elevated domain.

    The products team are looking for feedback if this type of internet breakout service providing customers using our Elevated platform with a secure, one-way gateway out to customer approved internet URLs would be of value.

    We've identified some potential use cases that include postcode lookups, payment transactions and access to vendor update servers.

    This service could help to improve your operational efficiency by providing a simpler alternative to downloading and installing patches within Elevated, or having to use a Cross Domain solution for simple data flows.

    We'd love to hear your thoughts in the comments section below - or just vote this idea up if you think it's something we should invest in developing..

      Posted to Products  - Sub-category: Connectivity
  • Matthew Miles
    10
    Points
    Matthew Miles   
    We use SSH key pairs as part of the instance creation process to secure logins to our machines. Users have to provide a username, SSH key and key password in whatever terminal application they are using in order to gain access.

    Administrators of the CNI environment also have the option to use the web console within the Instances menu, which can be a useful backup to ensure access to the instance is maintained should there be any network outage, etc.  However, (from what I can see) it would appear that there is no option to make use of the SSH key pair specified when creating the instance. This means that an admin can see the console, provide the username at the login prompt; but can then proceed no further (as they cannot present the SSH key).

    Would it be possible for this to be applied in the web portal to allow administrators to access the instance console from? Perhaps linked to the key storage as part of that user's profile?
  • Laurent
    10
    Points
    Laurent   
    Hi,

    I heard that UKCloud was planning to support VPNaaS OpenStack feature.
    I was wondering when would that become available.

    Thanks,
    Laurent
      Posted to Products  - Sub-category: Connectivity
  • GaryH
    10
    Points
    GaryH   
    We have been looking at security on one of our VMs and while we can restrict the range of IP addresses that connect to the server through the firewall, it would be useful to restrict the traffic based on the actual geographical location where the IP is coming from, as a trace showed a large number of hits coming from China, which is where many attacks come from.  In addition, looking through the Windows security logs, it would show that there had been lots of unsuccessful logon attempts to the server from these hits, using random user names such as FrontDesk, Voicemail, TestUser, Test, etc.

    Would be a useful function to have in the future, although I appreciate, thanks to Proxy servers, it wont be foolproof.
  • Laurent
    10
    Points
    Laurent   
    We would like to have a more robust OpenStack infrastructrure:

    - Enable Swift object storage
    - Enable LBaaS
    - Have at least 2 AZs housed in a different physical location

    Thanks,
    Laurent
      Posted to Products  - Sub-category: Connectivity
  • JonW
    10
    Points
    JonW   
    We currently can't get any metrics on our N3 usage. This is a problem, as NHSD are asking us capacity management questions we can't answer....
      Posted to Products  - Sub-category: Connectivity
  • Mike G
    10
    Points
    Mike G   
    The company that I work for uses a lot of SRAS certificates for user access to the IL3 environment. One of the biggest issues we have is when the certificate expires after 12 months. 

    It has been flagged by the teams working for our client that we have a high number of certificates that exipre and would be helpful if there was a way of setting up the SRAS certification to auto renew unless we raise a request to have a certificate revoked.
      Posted to Products  - Sub-category: Connectivity
  • a.key
    80
    Points
    a.key   
    Hi guys,
    Currently when a new IPSec tunnel needs to be created between UKCloud vDC and eg. remote office there are 2 things to do:
    1. Create the VPN in vEdge and the corresponding end at remote firewall
    2. Amend the vEdge gateway settings using vCloud API to update the external IP address of vEdge which vCloud changes automatically when initial config is saved. This is due to a BUG.

    You have a knowledge base articule about this: https://portal.skyscapecloud.com/support/knowledge_centre/bc067168-fb2f-4f8a-93c6-998856d7403b
    I don't know if you are aware how frustraing it is to actually go through the pain of manually updating the setting using the API every time a VPN is created.

    As we were informed in one of the tickets raised about this issue about 2 years ago You were waiting for VMWare to provide a patch for the issue. 2 years later and it's still not fixed.

    Why can't you create an item on the portal under eg. Compute menu where the setting of IPSec gateways could be modified.
    Rather than asking your customers to fix something that is currently broken due to the way you designed the network you should provide an easy and quick way of fixing it and not ask customers to follow the painful procedure of using the vCloud API to fix your BUG.
     
  • tlawrence
    30
    Points
    tlawrence   
    It would make things like Disaster Recover & Replication much easier if Skyscape supported a customer-defined private network between all of the customer's services. 
    This would essentially be a private routing domain where the customer defined the subnets for each location. 
    AWS have a similar concept called a "virtual private cloud" (VPC)

     
      Posted to Products  - Sub-category: Connectivity