skip navigation links
UW-L logo UW-L Technology Policies page header
Navigation links to major sections of the UW-L site are provided at the bottom of this page as <a href="#textnav">text navigation links</a>.

UW-La Crosse VPN Use Policy

Effective Date

September 1, 2004
 
Purpose

Establish conditions for use of VPN access to campus resources.
 
Applicability

This policy is implemented on the computers used to access campus resources with a VPN connection and will affect off campus network users. 
 
Background

A Virtual Private Network (VPN) connection involves running client software on a remote computer that connects over the internet to a VPN concentrator on campus.  This arrangement bypasses the campus border firewall making the remote computer appear to be a computer on campus.  This permits software that works on campus to work remotely.  While packets passed over this connection are encrypted, if the remote computer is not secure, the campus is vulnerable to attack.
 
Policy

In order to be added to the group that is allowed to use the VPN connection the following conditions must be met:

  • The remote computer must have the campus standard antivirus software installed, active, and kept up to date.  The campus has a site license for this product which can be installed over the network and configured so it is kept current.

  • The remote computer must be configured to automatically download and install critical updates as they come out.

  • The remote computer must have a personal firewall enabled.  For example, Windows XP has a built-in firewall and it must be enabled.

  • Any computer being used for a VPN connection to the UW-L network must be university owned and should have only the software required for University related work.

  • A valid reason must be provided as to why off campus VPN access is required.  E-mail access alone is not a valid reason for VPN privileges.  The university provides secure access to e-mail from off campus.
Guidelines

VPN access is intended for ITS staff members who are, at times, required to work with critical systems while off campus.  Administrators, faculty, and staff outside ITS who comply with the required security practices may also be included. The CIO has final authority in approving VPN access requests.

VPN software must be installed and configured by the Technical Support Services department in the ITS Support Center.
 
Consequence of Non-Compliance

Allowing VPN connections to the UW-L network greatly increases its vulnerability if the remote computers are not secure due to the fact that the remote computers are treated like they are behind UW-L’s firewall.
 
Reference

UWL Security Study, Network Security section 2, Serial No. 2, Findings Ref. No. B.1

UWL Security Study, Documented Network Operating Procedures for Security section 2, Serial No. 4, Findings Ref. No. C.1
 

 
Current Students | Alumni & Friends | Faculty & Staff | Parents | Administration | Campus News | Employment
Admissions | Colleges & Academics | Murphy Library | Technology | Athletics | Community Programs | About UW-L
UW-L Home | Ask Us | Email Access | Campus Map | Directory | Google Search

University of Wisconsin-La Crosse 1725 State Street La Crosse, Wisconsin 54601 (608) 785-8000
All material Copyright 2006 by the University of Wisconsin-La Crosse and the
Board of Regents of the University of Wisconsin System
Comments To: webmaster@uwlax.edu