Wake Forest University

Virtual Private Network (VPN) Policy

1.         Introduction

The purpose of this policy is to provide guidelines for Virtual Private Network (VPN) connections to Wake Forest University network resources on the Reynolda Campus, herein referred to as the Wake Forest University Network. A Virtual Private Network (VPN) provides a secure encrypted network connection over the Internet between an individual and a private network. By utilizing the public Internet for transporting data, a VPN provides a low cost solution for secure remote access or connectivity.  Use of VPN allows members of the WFU community to access WFU network resources as if they were on the campus.  Utilizing the WFU VPN, all internet traffic flows to campus and then out to the internet. 

2.         Scope

This policy applies to all Wake Forest University students, employees, contractors, consultants, temporary employees, and all personnel affiliated with third party employers utilizing the VPN to access the Wake Forest University Network.

3.         Policy

All Wake Forest University students, employees and authorized third parties (customers, vendors, etc.) may utilize the benefits of the VPN to access University computing resources to which they have been granted access.  Individual users are responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees. Further details may be found in the Remote Access Policy.[1]  VPN software and support is available through the WFU Information Systems Help Desk.

 

Additionally,

1. It is the responsibility of WFU employees and students with VPN privileges to ensure that unauthorized users are not allowed access to University internal networks and associated content.
2. All individuals and machines using VPN technology, including university owned and personal equipment, are a de facto extension of Wake Forest University's network, and as such are subject to the university’s computing policies posted at  http://www.wfu.edu/technology/reference/policies/index.html
3. Only VPN clients approved by the Wake Forest University Information Systems department may be used to access the Wake Forest University computing network. 
4. VPN gateways are set up and managed by the Wake Forest University Information Systems department.
5. When actively connected to the university network, the VPN will force all traffic to and from the computer over the VPN tunnel.
6. Dual (split) tunneling[2] is NOT permitted; only one network connection is allowed.
7. The Information Systems department reserves the right to establish inactivity time-out limits for session and absolute connection times. If a user is disconnected due to idle time, the user must then logon again to reconnect to the network. Pings or other artificial network processes to keep the connection open are prohibited.
8. VPN access requests must be routed through Information Systems  Help Desk, 336-758-HELP (4357) or help@wfu.edu
9. VPN access to Wake Forest University resources is provided through the Information Systems department. No other department may implement VPN services.
10. It is strongly recommended that all computers connected to Wake Forest University Network via VPN use the most up-to-date anti-virus software. This applies to personal computers as well as university owned computers. 
11. Users of computers that are not Wake Forest University-owned equipment must configure the equipment to comply with Wake Forest University's VPN and Network policies. Instructions for doing so are located at http://www.wfu.edu/technology/reference/policies/index.html

4.      Enforcement

Violation of the VPN policy will be referred to the appropriate party as follows. Employee infractions will be referred to Human Resources.  Student or faculty violations will be referred to the Dean of the respective School as appropriate. Third party infractions will be referred to the authorizing department.