VPN - What to consider?
What is VPN useful for?
Via VPN a computer that is outside the BOKU network can be temporarily included into the BOKU network (that is, brought behind the firewall). Technically speaking the client computer receives an IP address from the BOKU network during the VPN session time. This means that the computer becomes a part of the BOKU network and is no longer a part of the network that it used to be a part of before that. This is a useful option to provide access to measuring devices, the administration of institute-internal services or to gain access to other services that are normally not available outside the BOKU firewall, just to name a few examples.
Important: This service is meant for rather experienced users. It assumes that you know with which client you wish to access the services. If, for example, there is no Novell client installed on your computer, a VPN connection alone can of course not provide you with Novell drives in Windows Explorer.
For example: The computer indicated with a red arrow is in another network:
Requirements for the use of VPN
- you need a valid BOKU account
- you need to install the VPN client
- BOKU staff members also need the authorization of their IT manager. This is the case as you receive access to the network area of your organizational unit.
VPN - What It Offers and What Needs to Be Considered!
With VPN (Virtual Private Network) the option is created to access the internal BOKUnet through the firewall via an unsecured network (internet, WLAN, etc.).
- BOKU staff members and BOKU students have access to the general, internal (FileService, PrintService, etc.) and external areas (WebServices, etc.).
- In addition, BOKU staff members also have access to the network segment of their own department (or departments, respectively. See chart below).
The internet access via VPN connection is also possible. In terms of the network, the (temporary) connection of a computer via VPN is an integration of the computer into the BOKUnet (topology change). This needs to be considered due to network security. Thus, during an existing VPN connection with BOKU, no connection to local networks in which the computer is stationed is possible. A so-called "split tunnel" is not allowed. So, access of local resources (network printers, servers, etc.) during an active connection to BOKU via VPN is not possible.
Information on Security!
In comparison to your workplace, in case of a VPN connection you are physically outside the BOKU and therefore have to pay attention to your spatial environment in which you are located. In addition to technical measures such as an up-to-date virus scanner and a patched operating system, information security (confidentiality, integrity and availability) must also be taken into account.
The rules and important information can be found here:
- Security and virus protection
- IT guidelines