The purpose of this policy is to provide guidelines for VPN access to the SUNY Oneonta network.
The VPN provides secure access to the most sensitive resources on the College network. It is necessary to ensure that users understand the requirements and responsibilities of VPN access.
Applicability of the Policy
This policy applies to all SUNY Oneonta employees and authorized third parties (vendors) that access the SUNY Oneonta network through our VPN.
The VPN allows users at remote locations to access services and applications available only on the SUNY Oneonta network. By accessing the campus network through a VPN, the user bypasses security measures designed to protect the network from viruses, hackers and other threats on the Internet. Therefore, users who require a VPN must accept the responsibility of assuring that the computer they will use is secure.
VPN– A Virtual Private Network establishes a secure connection between two trusted locations (your computer and the SUNY Oneonta network) via an insecure, public network (the Internet).
Anyone wishing to gain VPN privileges must signify compliance with this policy by completing and signing the VPN User Agreement. The agreement will then be reviewed by the
An administrator who will grant or deny access and notify the user.
Hardware & Software Requirements
- Your computer must be clean of viruses and spyware and have approved up-to-date antivirus software installed. Approved software includes Sophos (campus provided), MacAfee; Norton. Other virus detection programs must be approved by the Security Administrator.
- Your computer must be up-to-date on all critical security patches.
- Your computer must have a personal firewall enabled except where alternate security measures have been approved by the Security Administrator.
- You must use a VPN client approved by the Security Administrator and set up in accordance with this policy.
- The VPN should be connected from a relatively fast computer and a broadband (not dial-up) Internet connection. It will not operate satisfactorily otherwise.
- Theft or loss of any computer with a VPN client configured on it must be reported immediately to the Security Administrator.
- The VPN may be used only for official, college-related work. You must disconnect the VPN before attempting any non-college related activities from your computer.
- It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to the SUNY Oneonta internal network.
- Use of the VPN signifies your acceptance of and compliance with all other related SUNY Oneonta policies. These policies can be found here.
- Split tunneling is NOT permitted. That is, you may not use any other connection to any other network while the VPN is connected. All network traffic must pass through the VPN.
- VPN users will be permitted one active VPN connection.
- VPN users will be automatically disconnected from the SUNY Oneonta network after 30 minutes of inactivity or a total connection time of 8 hours. The user must then log on again to reconnect to the network. Pings or other artificial network processes are not to be used to keep the connection open.
- Access to the VPN can be revoked at any time for failure to abide by the VPN User Agreement.
VPN User Agreement
Questions related to the daily operational interpretation of this policy should be directed to:
IT Security Administrator
• Approved by the President on 10/27/2009
SUNY Oneonta VPN User Agreement
SUNY Oneonta username: _________________________________________________
Intended use of VPN:______________________________________________________
I have read and understand the above VPN Policy and consent to adhere to the rules therein.
VPN User Signature:
Security Administrator Signature: