Frequently Asked Questions – VPN Service

• How does a VPN work?
• When is a VPN connection necessary?
• What are the requirements for VPN service?
• How do I sign up for VPN service?
• When I'm connected via VPN is everything encrypted?
• What number do I dial to get access to the VPN?
• Does the VPN service offer virus protection?
• Why do my VPN connections work from some locations and not others?

1. How does a VPN work?
   A VPN essentially uses a public telecommunications infrastructure (usually the Internet) to securely connect users, remote sites, or other networks to a private network, such as UCOP’s network. The data is sent over the public Internet but is kept hidden by means of certain technologies, an “encrypted tunnel” and “authentication protocol.” By using a VPN, authorized personnel may make secure and encrypted connections from remote sites and conduct business as though directly connected to the UCOP network.



2. When is a VPN connection necessary?
   Listed below are the most common uses for a VPN.
• Remote access to network files and shares
• Ability to use remote control software, such as PcAnywhere, Remote Desktop (RDC), to manage and troubleshoot machines and systems
• Ability to establish a secure connection through the UCOP wireless network, which is not secure, to access internal UCOP resources and services. For example, you might need to access a restricted file share during a meeting in one of the UCOP conference rooms, which are equipped with wireless network access. You will be able to do so if your laptop is set up for a VPN connection.


3. What are the requirements for VPN service?


• Management Approval. Approval from your manager/supervisor is required for you to obtain VPN service.
• Departmental Participation in the Centralized IR&C Active Directory. Your department must participate in IR&C’s Managed Desktop Initiative and have been incorporated into the centralized Active Directory (AD). This allows you to use your IR&C Active Directory credentials (a user name and password) to access the VPN. You can contact Technology Service Desk to determine if your department is using the centralized AD.
• UCOP Managed Desktop Computer or Laptop. The VPN service will only be provided for computers owned and managed by UCOP, not for personal equipment.
• Computer Operating System. Your computer must be configured to comply with UCOP’s Security Requirements for All UCOP Networked Devices l and use one of the following operating systems.
• Windows 2000
• Windows XP
• Mac OS 10.2 or higher
• Authentication. “Authentication” is a process by which the VPN software makes sure that a VPN connection is provided only to authorized users. To use the VPN software, you log in with your Active Directory (AD) credentials—a username and password. The VPN software authenticates who you are by use of these credentials. This is the primary reason that membership in the centralized AD is required.
• Internet Connection. The VPN does not provide you with a connection to the Internet. You first must establish a connection (via dial-up, wireless, cable modem, DSL, etc.) in your usual way.
4. How do I sign up for VPN service?
   If you have met all the prerequisites,
• complete the Application for UCOP IT Services,
• check the VPN service box,
• print out the form, obtain your manager or supervisor’s signature, and
• mail or fax the completed application to IR&CTechnology Service Desk (TSD).

TSD will contact you to schedule an appointment to install the VPN software on your computer and provide training.


5. When I’m connected via VPN is everything encrypted?
   Yes. The UCOP standard is to encrypt and secure all traffic sent over the VPN connection. This is the most secure solution both for the user and for UCOP as an organization.



6. What number do I dial to get access to the VPN?
   You don’t. There is no telephone number for the VPN server. You establish a connection to the Internet in your customary way, and then launch the VPN software.



7. Does the VPN service offer virus protection?
   The purpose of a VPN is only to provide secure transmissions by encrypting and decrypting data that passes through the VPN connection. It does not offer virus protection. However, all computers granted VPN access are included in IR&C’s Managed Desktop Initiative and so benefit from automated virus scanning.



8. Why do my VPN connections work from some locations and not others?
   The Internet service provider (ISP) you are using at a certain time may be blocking specific types of traffic and so prevent VPN connectivity. Contact your ISP for assistance.