Virtual Private Network (VPN) Service on the University of Kansas Data Network

A VPN is a technique used to create a private path from a remote user pc or workstation located on a public network into a private network such as KU’s campus data network.  It allows, among other things, a method to connect to KU network resources (for example, the full Outlook client, KU’s e-mail system, and a user’s stored electronic files) as if the user were locally connected to the KU network.  This allows greater functionality than other remote access techniques such as via a web browser.  Use of the KU VPN service is a privilege which comes with responsibilities for the department and the user. Users should be aware that routing schemes, network configurations, and security measures can be changed without notice by the KU Information Technology Security Office or by the user’s  internet service provider and may affect the user’s ability to do certain functions with VPN.  The use of the VPN service does not make all transmissions between the user’s PC and the KU network secure.  Please do not assume the confidentiality of information traveling through the VPN service.

 

Responsibilities of Information Technology:

 

·         Provide the VPN client software and instructions for installing the VPN client on the user’s computer.

·         Provide a method for Technical Liaison to grant their users access to the VPN service.

·         Information Technology shall scan for unauthorized VPNs and disable access of those devices performing non-sanctioned VPN service.

 

 

Responsibilities of Users:

 

·         VPN service is limited to faculty staff, Graduate Teaching Assistants (GTAs) and Graduate Research Assistants (GRAs) needing secure remote access to resources located on the University’s network.

·         Private VPNs on the University’s network are allowed only with prior approval from the IT Security Officer and the Deputy Technology Officer.

·         All users must use the centrally provided VPN and the associated VPN client software.

·         All remote systems must have the VPN client’s stateful firewall feature enabled.

·         All remote systems must have properly configured anti-virus software installed and enabled.

·         All users must recognize that the use of the VPN system does not guarantee that all transmissions between the remote PC and the KU network are secure.  It is the user’s responsibility to configure their applications to use the VPN if they desire their transmissions to be secure.

·         The operating system for all remote systems must be kept current by applying patches as they become available.

·         In order to use the VPN service all remote systems must meet or exceed posted technical requirements. 

 

 

Responsibilities of University Departments:

 

·         Have a qualified Technical Liaison who can assist the department’s computer users in loading and installing the VPN client on computers and by granting access to the VPN service via a method provided by Information Technology.

 

Responsibilities of Technical Liaisons:

 

·         The departmental Technical Liaisons shall verify that the user has reviewed this policy.

·         Assist users in configuring and installing the VPN software on University devices.

o        If allowed by the department, assist users in configuring and installing the VPN software on personal devices.