Educause Security Discussion mailing list archives
Re: Questions about your VPN
From: Eric Hays <erichays () ILLINOIS EDU>
Date: Tue, 11 Oct 2016 10:29:07 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Who do you allow on your VPN (fac, staff, students, IT)?
Everyone with an account can access our VPN.
How many profiles do you have (one for each above, more granular)?
Four, not restricted to user category, as follows: TunnelAll - tunnels all traffic through our VPN TunnelAll_Duo - same as above with Duo required to connect SplitTunnel - tunnels campus traffic through our VPN SplitTunnel_Duo - same as above with Duo required to connect
Do you require two-factor authentication?
Only on the Duo profiles.
Do you require a managed workstation to access the VPN?
No. This would be infeasible, given that we allow everyone to use the VPN and that most of them are doing so from personally-owned devices. We are currently rolling out 2FA to campus and we are encouraging our campus IT Pros to restrict things to the Duo profile IP ranges, but since many of those services are accessible from off-campus without VPN use, this is a hard sell. - -- Eric Hays IT Security Analyst Privacy and Information Security Technology Services at Illinois University of Illinois at Urbana-Champaign PGP Fingerprint: C6F9 BFA9 C134 AB9A 66E3 21B5 42D0 22BA 4346 9D28 -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJX/QVDAAoJEELQIrpDRp0ocQEIAJSyoVHNeV6poGsvVrX0oG5y pWXBpRCiHDB/PUvUqgwZ4Us6KlOASvoITb/XmZOvv+vAD39q5WISjNB/7QuRaNzp ciTbPI7FZcecVLQA1Q1/mXqT8hkZj+m7z+LNdRjsiceTVJSXNuaTU6WwK3Dut9Oi LPRm5oHOSx+SASy0xK08NZ6/U46jBetzU8xdbthykcTsTcl3Aou405oxrGloGwZt f0EFDr9X9r2vPc9vh/Th+HRb9SERNuZCKOLujGR+zyw2uh+l+u6jcbho0mThWyk2 LL8I3TAC3Y86W2+W8WVuMkQnM9F/ivi8U8m5v21jLdbVlkJ74jlKh4yXT6zxvQo= =AYzV -----END PGP SIGNATURE-----
Current thread:
- Questions about your VPN Adam Copeland (Oct 11)
- Re: Questions about your VPN Adam Maynard (Oct 11)
- Re: Questions about your VPN Eric Hays (Oct 11)
- Re: Questions about your VPN David Curry (Oct 11)
- Re: Questions about your VPN Steven Alexander (Oct 11)