CPA

Overview & Features

Secure remote access from mobile devices with CPA (Closed Packet Access)

CPA (Closed Packet Access) is a secure remote access service that allows you to access your intranet outside the office with various communication devices (a mobile PC + data communication card, smartphone or tablet). Connections can be established from devices that are compatible with a wide array of communication standards ranging from CDMA 1X to 4G LTE, allowing you to use high-speed data communications [1].

  • [1]
    This is a best-effort service. The actual speed may fall substantially short of the maximum for various reasons including the customer's communication environment and traffic conditions, even within service areas. Even within the service area, data communication may not be available in locations with weak signals.
  • CPA connections may not be available depending on the device specifications.

System diagram of "CPA"

Figure: System structure diagram

Contract type

Offering two types of contracts for CPA, customers can choose either according to their usage conditions.


Access line type Contracted line (between CPA and access line) Rate system
Type A Course 2 KDDI IP-VPN/WVS Shared type Basic rate according to number of IDs
Type B Course 1 KDDI IP-VPN/WVS Personal type Basic rate according to the item of contracted line

Three reasons for using CPA

  1. Reason 1High-security network -- Customers and KDDI center connected with fixed networks

    Customer offices are connected to a KDDI center (access point) by a fixed network. This structure offers a high security communication environment.

  2. Reason 2Packet charging -- No worries about the connection time

    au packet communication charges are calculated based on the amount of data transmitted and received (the number of packets), allowing you to use without having to worry about the connection time. Since high charges may be incurred depending on the number of packets, a packet communication flat-rate service and various discount services are available.

  3. Reason 3Enhancement of security -- Authentication service for additional safety
    • RADIUS authentication service (for-fee)
      The authentication system RADIUS, established within KDDI, undertakes the authentication of the user ID and password. As an optional service, one-time password authentication (for-fee) is also available.
      • RADIUS can be installed on the customer side to perform authentication.
      • For the Type A Course 2, this option is included in the contract (Note that the service charge is included in the basic rate).
    • Terminal authentication service (for-fee)
      Authentication is performed based on the phone number of the connecting device. A combined contract with the RADIUS authentication service can offer you enhanced security.
      • Terminal authentication service is only available through a combined contract with the RADIUS authentication service.
      • For the Type A Course 2, this option is included in the contract (Note that the service charge is included in the basic rate).
    • Customer control service (for-fee)
      Customers who are using KDDI's RADIUS authentication service and terminal authentication service can register user IDs and passwords from the customer's office. The account log of RADIUS relating to connections can also be accessed.
      • Terminal authentication service is only available through a combined contract with the RADIUS authentication service.
      • For the Type A Course 2, this option is included in the contract (Note that the service charge is included in the basic rate).
    • Address assignment system
      The carrier assignment system (dynamically assigns IP addresses to terminals) and the user assignment system (statically assigns IP addresses to terminals) are available as methods to assign IP addresses to terminals.

      Charges

Contact