Boise State Virtual Private Network Standard
Updated June 2020
The purpose of this standard is to define requirements for Virtual Private Network (VPN) connections to the Boise State network and outlined in the Boise State Remote Access policy.
Boise State employees, authorized students, affiliates and authorized third parties will` use the benefits of VPNs, which are a “user managed” service. This means that that VPN users are responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees. Further details may be found in the Remote Access policy.
- It is the responsibility of Boise State VPN users ensure that unauthorized users are not allowed access to Boise State internal networks.
- When actively connected to the Boise State network, the VPN will force all traffic to and from the host over the VPN tunnel: all other traffic will be dropped.
- Dual (split) tunneling is NOT permitted; only one network connection is allowed.
- VPN gateways will be set up and managed by Boise State’s Office of Information Technology.
- All hosts that are connected to Boise State’s internal networks via remote access must meet the configuration requirements defined in the Minimum Standard For Systems.
- VPN users will be automatically disconnected from Boise State’s network after a detected period of inactivity. The user must then logon again to reconnect to the network.
- Only OIT-approved VPN clients may be used.
- By using VPN technology with personal equipment, users must understand that their machines are a de facto extension of Boise State’s network, and as such are subject to the same rules and regulations that apply to Boise State-owned equipment, i.e., their machines must be configured to comply with Boise State Policies.
This standard applies to all Boise State employees, authorized students, contractors, consultants, temporaries, and other workers including all personnel affiliated with third parties using VPNs to access the Boise State network.
All users of Boise State IT resources are responsible for compliance with this standard and the Remote Access policy.
A. Non-Compliance: Any employee found to have violated this standard and by doing so, the Remote Access policy, may be subject to disciplinary action, up to and including termination of employment.
Questions about this standard should be directed to the Chief Information Security Officer:
Phone: (208) 426-5701
Adapted with permission from the SANS Institute Security Policy Project.