Virtual Private Network (VPN) Service on the University of Kansas Data Network
This policy outlines the purpose and approved use of Virtual Private Networks on the University of Kansas network
This policy applies to all faculty, staff and students and approved network users desiring a VPN connection at the University of Kansas.
A VPN is a technique used to create a private path from a remote user pc or workstation located on a public network into a private network such as KU’s campus data network. It allows, among other things, a method to connect to KU network resources (for example, the full Outlook client, KU’s e-mail system, and a user’s stored electronic files) as if the user were locally connected to the KU network. This allows greater functionality than other remote access techniques such as via a web browser. Use of the KU VPN service is a privilege which comes with responsibilities for the department and the user. Users should be aware that routing schemes, network configurations, and security measures can be changed without notice by the KU Information Technology Security Office or by the user’s internet service provider and may affect the user’s ability to do certain functions with VPN. The use of the VPN service does not make all transmissions between the user’s PC and the KU network secure. Please do not assume the confidentiality of information traveling through the VPN service.
Responsibilities of Information Technology:
· Provide the VPN client software and instructions for installing the VPN client on the user’s computer.
· Provide a method for Technical Liaison to grant their users access to the VPN service.
· Information Technology shall scan for unauthorized VPNs and disable access of those devices performing non-sanctioned VPN service.
Responsibilities of Users:
· VPN service is limited to faculty staff, Graduate Teaching Assistants (GTAs) and Graduate Research Assistants (GRAs) needing secure remote access to resources located on the University’s network.
· Private VPNs on the University’s network are allowed only with prior approval from the IT Security Officer and the Deputy Technology Officer.
· All users must use the centrally provided VPN and the associated VPN client software.
· All remote systems must have the VPN client’s stateful firewall feature enabled.
· All remote systems must have properly configured anti-virus software installed and enabled.
· All users must recognize that the use of the VPN system does not guarantee that all transmissions between the remote PC and the KU network are secure. It is the user’s responsibility to configure their applications to use the VPN if they desire their transmissions to be secure.
· The operating system for all remote systems must be kept current by applying patches as they become available.
· In order to use the VPN service all remote systems must meet or exceed posted technical requirements.
Responsibilities of University Departments:
· Have a qualified Technical Liaison who can assist the department’s computer users in loading and installing the VPN client on computers and by granting access to the VPN service via a method provided by Information Technology.
Responsibilities of Technical Liaisons:
· The departmental Technical Liaisons shall verify that the user has reviewed this policy.
· Assist users in configuring and installing the VPN software on University devices.
o If allowed by the department, assist users in configuring and installing the VPN software on personal devices.
Failure to abide by the requirements of this policy and/or any procedures that are developed to implement this policy may result in termination of the user’s or departmental VPN privileges. Users may also be subject to sanctions, including the loss of computer or network access privileges, disciplinary action, suspension, termination of employment, dismissal from the University, and legal action. Some violations may constitute criminal offenses under local, state, and federal laws. The University will carry out its responsibility to report such violations to the appropriate authorities.
Chief Information Officer
345 Strong Hall
1450 Jayhawk Blvd
Lawrence, KS 66045
Virtual Private Network (VPN) Enables data transmissions to travel securely over a public network by tunneling traffic between the origin to the destination in a virtually private sub channel of the network link.
Encryption Using a special algorithm to modify original information in a way that makes it unintelligible to all but the sender and receiver.
Updated on 9/11/2007 to reflect NTS/IT reorganization of responsibility. Revised September 13, 2006.