DESIGN OF A SECURE NETWORK GATEWAY FOR CLOUD APPLICATIONS

The article is devoted to the design and configuration of a secure network gateway for cloud applications based on modern VPN protocols OpenVPN and WireGuard. In the context of the rapid development of cloud technologies and the increasing number of cyberattacks, ensuring secure remote access to services has become a key task of information security. The paper discusses relevant threats arising during data transmission in cloud environments and highlights the role of VPN technologies in preventing attacks. The features of OpenVPN and WireGuard are analyzed in detail, including their architecture, cryptographic foundation, ease of configuration, and performance. The study presents a gateway architecture comprising a VPN server, firewall filters, and routing mechanisms that enforce mandatory transmission of all traffic through an encrypted tunnel. Experiments conducted in a virtualized VMware Workstation environment showed that WireGuard provides higher data transfer speeds and lower latency, while OpenVPN demonstrates flexibility and compatibility with corporate systems. The combined use of both protocols improves system resilience and adaptability. The practical significance of the research lies in the possibility of implementing the proposed architecture in corporate and private networks to protect cloud applications, organize secure remote employee access, and enhance the security level of information resources.

1. Mahmood, Z. Virtual Private Networks: Fundamentals, security issues and solutions, pp. 1–7 (2023). https://doi.org/10.20944/preprints202306.1105.v1.

2. Parker, A. Efficacy of Full-Packet Encryption in Mitigating Protocol Detection for Evasive Virtual Private Networks, pp. 1–6 (2024) https://doi.org/10.48550/arXiv.2412.17352.

3. Xue, D., Ramesh R., Jain A., Kallitsis M., Halderman J., Crandall J., Ensafi R. Roya. OpenVPN is Open to VPN Fingerprinting. Communications of the ACM, pp. 79–87 (2024). https://doi.org/10.1145/3618117.

4. Farooq, I., Ahmed Syed., Ali, A., Warraich, M., Aqeel, M., Khan, H. Enhanced Classification of Networks Encrypted Traffic: A Conceptual Analysis of Security Assessments, Implementation, Trends and Future Directions. The Asian Bulletin of Big Data Management, pp. 500–522 (2024). https://doi.org/10.62019/ abbdm.v4i4.287.

5. Donenfeld, J. WireGuard: Next Generation Kernel Network Tunnel. NDSS Symposium, pp. 1–12 (2017). https://doi.org/10.14722/ndss.2017.23160.

6. Joel, A., Rajiv, S., Hadi, L., Anand, P. Empirical Performance Analysis of WireGuard vs. OpenVPN in Cloud and Virtualised Environments Under Simulated Network Conditions. Computers., pp. 1–52 (2025). https://doi.org/10.3390/computers14080326.

7. Mackey, S., Mihov, I., Nosenko, A., Vega, F., Cheng, Y. A Performance Comparison of WireGuard and OpenVPN., pp. 162–164 (2020). https://doi.org/10.1145/3374664.3379532.