As described in the Cyclades OnBoard Service Processor Manager User Guide, for security reasons an authorized user must establish a trusted connection with the OnBoard appliance before gaining native IP access to native management features on connected SPs.
Once a user has been authenticated and the user’s authorizations to access a device have been checked, the user with a VPN connection has unlimited access to the device. Since the OnBoard appliance cannot control whether a connected device allows unrestricted access to the rest of the network, the administrators of connected devices must take care to configure the connected devices in such a way as to control the access of individual users on individual devices to maintain the security of the network.
VPN connections establish encrypted communications between the OnBoard appliance and the remote host. The encryption creates a security tunnel for communications through an intermediate network which is untrustworthy. The remote host and the OnBoard appliance take care of encryption and decryption on their end. See
Configuring VPN Connections for more information.