Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vendor Access

From: Kevin Wilcox <wilcoxkm () APPSTATE EDU>
Date: Thu, 4 Mar 2010 11:14:41 -0500
On 4 March 2010 10:59, Drews, Adam <adrews () jjc edu> wrote:


I was wondering how other people are handling vendor access to their
networks.  I searched the EduCause Security archive and didn’t find much
there.  Do you have them fill out a form stating who they are, who they work
for, what access they need, how long they need the access, etc.?  Any input
would be greatly appreciated.


If the machine/port they want to access isn't public facing (and it
almost never should be) then they get a vendor VPN account created
with access to only the machine they need to work on. If they refuse
to use OpenVPN (we use OpenVPN for "road warrior", site-to-site and
vendor access), they don't get access.

The particulars (what they agree to, access times, etc) depend on
which machines they want to access.

kmw

-- 
Kevin Wilcox
Network Infrastructure and Control Systems
Appalachian State University
Email: wilcoxkm () appstate edu
Office: 828.262.6259
Previous By Date Next
Previous By Thread Next

Current thread: