Georgia Perimeter College (GPC)

Virtual Private Network (VPN) Policy

1.         Introduction

The purpose of this policy is to provide guidelines for Virtual Private Network (VPN) connections to Georgia Perimeter College network resources, herein referred to as the GPC Network.† A VPN provides a secure, encrypted network connection over the Internet between an individualís computer and a private network.† By utilizing the public Internet for transporting data, a VPN provides a low cost solution for secure remote access and allows members of the GPC community to access GPC network resources as if they were on a campus. 

2.         Scope

This policy applies to all GPC employees, contractors, consultants, temporary employees, and all personnel affiliated with third party employers whose job functions require access to services and resources on the GPC Network, herein referred to as Eligible Person(s).

3.         Policy

The use of a VPN is limited to Eligible Persons that require remote access to services and resources on the GPC Network that are not available via the Web.† All Eligible Persons using VPN technology are using a de facto extension of the GPC Network and, as such, are subject to GPC policies and procedures.† Only VPN software approved by GPCís Office of Information Technology may be used and this software may only be installed on GPC-owned computers.

Additionally,

  1. VPN access to the GPC network is provided only through the Office of Information Technology.† No other department may implement VPN services.
  2. VPN access requests must be routed through the Office of Information Technology Help Desk by filling out a VPN Access Request form which must include the resources that are requested as well as a justification for remote access.† The details of the VPN request process can be found at www.gpc.edu/oit/policies_procedures/vpnprocedures01082007.htm.† Only requests from administrative faculty and staff will be considered.†
  3. Each Eligible Person requesting VPN access is responsible for selecting an Internet Service Provider (ISP), coordinating service installation, installing any software required by the ISP, and paying associated fees.† Each requestor is also responsible for problem determination and resolution of any connectivity issues related to the chosen ISP.
  4. It is the responsibility of each Eligible Person with VPN privileges to ensure that unauthorized persons are not allowed access to the GPC Network and associated content via the Eligible Personís account or computer.† VPN access is granted solely for the purpose of conducting GPC business, and not for personal Internet usage.
  5. When actively connected to the GPC Network through the VPN, all traffic to and from the computer will travel over the VPN connection and through the GPC Network; hence, accessing Internet resources external to GPC is not recommended while actively connected to the VPN.†
  6. The Office of Information Technology reserves the right to establish inactivity time-out limits and connection time limits. If a user is disconnected due to an idle timeout, the user must reconnect the VPN and login again.† Pings or other artificial network processes to keep the connection open are prohibited.†
  7. For purposes of network security, the Office of Information Technology may limit VPN access to a set of resources which are fewer than the resources that were requested.†
  8. Dual (split) tunneling1 is NOT permitted; only one network connection is allowed per approved VPN access.
  9. All computers connected to the GPC Network via VPN must have the most up to date operating system patches, the most up-to-date anti-virus software with current virus definitions actively running, and an actively running personal firewall with appropriate definitions to ensure security in compliance with all GPC IT policies.†

4.      Enforcement

Any Eligible Person found to have violated this policy may be subject to loss of certain privileges or services, including but not necessarily limited to the loss of VPN services.

While connected to the GPC Network via VPN, anyone found attempting to access any network equipment, running un-authorized scans of the GPC network, or performing or attempting to perform illegal or un-authorized activities may have their VPN access revoked without warning.† Such revocation is at the sole discretion of the GPC Office of Information Technology, and may also result in civil and/or criminal sanctions.

Eligible Persons connected via VPN to the GPC Network understand that GPC OIT may monitor and log session information, and that said information may be required to be turned over to authorized law enforcement agencies upon the receipt of a duly executed court order or summons.

1Dual (split) tunneling allows two simultaneous, active connections to a secure network (via VPN) and a non-secure network, without having to disconnect the VPN connection. This security vulnerability allows a direct connection from the non-secured Internet to the VPN secured network.