Introduction

Illinois Tech's Virtual Private Network (VPN) provides a secure, encrypted, network connection over the Internet between authorized Illinois Tech users and the university network. The VPN offers students, faculty, and staff secure access to information technology systems that are not otherwise available from off-campus networks.

Set Up VPN Connection Using the Cisco AnyConnect

• Set up VPN connection using the Cisco AnyConnect for Windows
• Set up VPN connection using the Cisco AnyConnect for OS X

Policy

• The VPN does not provide Internet connectivity; it provides secure access into Illinois Tech's network. Individual users are responsible for selecting an Internet Service Provider (ISP), coordinating installation, and installing any required software necessary for Internet service.
• For students, faculty, and staff VPN service will be automatically provisioned.
• Only the VPN client software that is distributed by OTS may be used to connect to Illinois Tech's VPN servers.
• By using VPN technology with personal equipment, users must understand that their machines are de facto extensions of the university's network, and, as such, must comply with the Illinois Tech's Acceptable Network Usage Policy.
• The VPN client is currently available for Windows 10/11, Mac OS X, and Linux. Users are responsible for the installation of the VPN client software. (See the applicable Set Up VPN Connection instruction links above).
• All computers connected to Illinois Tech's internal networks via the university's VPN must use the most up-to-date antivirus software and operating system patches. The university periodically scans computers connected to the network to ensure compliance. A device identified as a potential security threat may be blocked from the university's network until further action is taken by the user.
• It is the responsibility of users to ensure that unauthorized persons are not allowed to access Illinois Tech's internal networks.

VPN Vendor Policy

Access to Illinois Tech's networks and systems must not be granted to a third-party vendor, unless a university sponsor determines that such a vendor has a legitimate business need for this access.  These privileges must not be provided unless they are enabled for a specific individual and limited to the time period required to accomplish approved tasks. Access to Illinois Tech's systems will not be granted until the university employee  sponsoring the vendor has completed the Illinois Tech VPN Request Form and received approval from the Office of Technology Services (OTS) Support Desk.  

The university prohibits the establishment of any inbound Internet connections from a vendor to Illinois Tech's systems unless prior OTS approval has been obtained.

It is the responsibility of the vendor’s sponsor to inform OTS that the vendor’s access to the VPN infrastructure is no longer required.

On a regular basis, OTS reviews the privileges and activity of vendor accounts used for production, test, and development computers, and virtual machines.  Vendor accounts will be disabled when no longer in use.  This information will be distributed and documented by OTS.  OTS keeps documentation of all access privileges so that incompatibilities and conflicts of interest can be readily determined.  A vendor system that is scanning other computers or determined to have vulnerabilities will be blocked from Illinois Tech's network.

Vendor Responsibilities WHEN USING Illinois Tech's VPN Access

• All vendor systems must run a firewall and an updated version of antivirus software.
• Vendors must not attempt to eradicate a computer virus from their system while connected to Illinois Tech’s VPN unless they do so with prior communication and approval from OTS.  
• Vendor employees will be assigned a VPN username and password, consisting of the employee’s first initial and last name.  These usernames are not to be shared.
• Every vendor's user-ID on Illinois Tech's systems is documented by OTS.  This enables the university to immediately terminate all access privileges if an individual were to leave the vendor organization.
• The vendor is limited to working only on those systems for which it has been granted specific access.

Enforcement

Any user found to have violated this policy will be subject to the loss of certain privileges and/or services, including, but not limited to, loss of VPN access without notice.