Wonder whether the government of India makes any demarcation between corporate VPN or personal VPNs? Or is it just consumer VPN services that need to comply.
Everything from cloud vendors, ZScaler, Cisco AnyConnect are technically offering access to private networks with a mix of public internet &/or intranet
> Data Centres, Virtual Private Server (VPS) providers, Cloud Service
providers and Virtual Private Network Service (VPN Service) providers,
shall be required to register the following accurate information
which must be maintained by them for a period of 5 years or longer
duration as mandated by the law after any cancellation or withdrawal of
the registration as the case may be:
> a. Validated names of subscribers/customers hiring the services
> b. Period of hire including dates
> c. IPs allotted to / being used by the members
> d. Email address and IP address and time stamp used at the time of registration / on-boarding
> e. Purpose for hiring services
> f. Validated address and contact numbers
> g. Ownership pattern of the subscribers / customers hiring services
Seems to me like it would target all of them. But I just searched for "VPN", didn't read the full document yet.
Everything from cloud vendors, ZScaler, Cisco AnyConnect are technically offering access to private networks with a mix of public internet &/or intranet