Management VPN Groups

Overview

A virtual private network (VPN) is a private communications network used by companies or organizations to communicate confidentially over a public network. VPN traffic travels over a public networking infrastructure (e.g. the Internet) on top of standard protocols or over a service provider's private network with a defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider. A VPN can send data (e.g. voice, data or video, or a combination of these media) across secured and encrypted private channels between two points.

VPN Groups provide granular user access to secured segments of the campus network for remote users.  There are three types of VPN Groups used on campus, General, Management and Vendor.

General VPN Groups

The General VPN Group allows campus end-users to access campus services from remote locations over a secure connection.  The resources available to the General VPN Group include the campus file and print server, departmental shares and Intranet resources.  All students, faculty and staff accounts can be used to create a VPN connection in this general group. 

Best Practice

  • Use secure VPN tunnel to access campus resource that are unavailable off campus (e.g. file shares on bay.)
  • Do not use to perform system administrative tasks through the General VPN Group.
  • Do not enable split tunneling while connecting to the campus using the VPN.

To get additional information and the campus Cisco VPN client software client click here.

Management VPN Groups

There are two types of Management VPN Groups, Dedicated and Common.  The Dedicated VPN Management Group allows access to a limited subset of campus system administrators for managing and maintaining servers.  System Administrators may request the creation of a Dedicated VPN Management Groups through the Information Security Office.  Requests for Dedicated VPN Management Groups must include:

  • Campus Sponsor
  • Affected personnel
  • Total anticipated concurrent users
  • Target servers
  • Document the business need 

Servers that do not meet the requirements to receive a Dedicated VPN Management Group will utilize the Common VPN Management Group.

As Management VPN Groups allow access to secure segments of the campus network, sharing of VPN account information is a violation of the campus acceptable use policy.

Best Practice

  • Protocols used to perform administrative tasks are restricted to a defined group of trusted IPs with the host firewall. 
  • VPN account information is not shared.
  • Do not enable split tunneling while connecting to the campus using the VPN.

Contact the Help Desk at x6000 to request a Management VPN group or if you have questions.

Vendor VPN Groups