Policy:       Information Technology: Virtual Private Network (VPN)
Authority:    Information Technology
Contact:      Bill Schuetz, (541) 463-3355            schuetzb@lanecc.edu
 
Purpose

The purpose of this policy is to provide guidelines for Remote Access IPSec or L2TP Virtual Private Network (VPN) connections to the Lane Community College network.

Scope

This policy applies to all Lane Community College employees, contractors, consultants, temporaries, and other workers including all personnel affiliated with third parties utilizing VPNs to access the Lane Community College network. This policy applies to implementations of VPN that are directed through an IPSec Concentrator.

Policy

Due to limited resources for user support, only those employees with a demonstrated need and manager approval will be authorized VPN usage.

Approved Lane Community College employees and authorized third parties (customers, vendors, etc.) may utilize the benefits of VPNs, which are a "user managed" service. This means that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees. Further details may be found in the Remote Access Policy.

1. It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to Lane Community College internal networks.
   
   
2. VPN use is to be controlled using password authentication. Passwords will be provided and are not changeable.
   
   
3. When actively connected to the college network, VPNs will force all traffic to and from your computer over the VPN tunnel: all other traffic will be dropped.
   
   
4. Dual (split) tunneling is NOT permitted; only one network connection is allowed.
   
   
5. VPN gateways will be set up and managed by Lane Community College Network Services.
   
   
6. All computers connected to Lane Community College internal networks via VPN or any other technology must use the most up-to-date anti-virus software; this includes personal computers.
   
   
7. Users of computers that are not Lane Community College-owned equipment must configure the equipment to comply with Lane Community College's VPN and Network policies.
   
   
8. Only Network Services provided VPN clients may be used.
   
   
9. By using VPN technology with personal equipment, users must understand that their machines are a de facto extension of Lane Community College's network, and as such are subject to the same rules and regulations that apply to Lane Community College-owned equipment, i.e., Usage is govern by the Computing and Networking Appropriate Use Policy.

Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Definitions
IPSec Concentrator        A device in which VPN connections are terminated.

See also Virtual Private Network procedure.