Information Security
Page tree

Process for requesting a VPN account for vendor access to campus systems

Vendors frequently require access to campus servers for performing various services. We require such vendors to use the SURA VPN Client, for a variety of reasons:

  • To ensure traffic to campus resources are encrypted
  • To  restrict vendor access to only services they require
  • To better understand external support relationships

Vendors are assigned a specific, IP address, which allows their access to be regulated by internal firewalls. Vendors are allowed one account by default and that account is for use by one person.  In special circumstances, a second VPN account and IP address may be allowed, but IP space is limited. Note that vendor accounts are created within Active Directory but do not have any associated AD resources. Sometimes when a vendor connects to the SU VPN, they may receive LDAP or some other communication error.  Most of those errors are normal and can be disregarded.  Please make sure to test the correct connection before reporting errors or problems.  

In order to track and review all of the changes and access for Vendor VPN accounts, requests will now be handled in Orange Tracker OT.   

Open Orange Tracker  and log in.  Once you are logged in you can either search for the key VVAR or for the project Vendor VPN Account Request.  

Click on Create to open a new ticket and enter all of the below fields: 



NOTE:  Please create a ticket for each request.

All account requests should be completed within 3 business days. If you don't hear back by this time frame, please send a reminder.

 

Project:                                           Vendor VPN Account Request (VVAR)

Issue Type:                                    Service Request

Summary:                                     Account can only be used by one (1) individual
                                                              If more than one (1) individual is going to need access please request an additional account   

Priority:                                          Normal priority for all requests

Due Date:                                      Not required

Component/s:                            This field is for ITS Security

Assignee:

Reporter: 

Vendor name:                             Company name

Vendor Contact:                       Vendor contact name, phone number, email; should be person using account

Lifetime of Account:              If less than six months, otherwise all accounts will be reviewed and audited every six months

Destination IP:                          Destination IP or subnet (For multiple, separate by comma. If 'any,' 'unknown,' or 'N/A' please give context in the description field below)

Port/Service:                              Port/Service (For multiple, separate by comma. If 'any,' 'unknown,' or 'N/A' please give context in the description field below)

Contact Information:            Campus contact name, phone number, email; this is normally the person making the request

Justification:                                Why they need to have access

Description:                                 Additional information or context for this request

Vendor VPN Username:     ITS Information Security will complete this 

Vendor VPN IP:                        ITS Information Security will complete this 



  • Once the account is created and the VPN firewall configured, we will return the following information:
    1. The account name and password
    2. The SU IP address, which is not usually needed by the Vendor


  • The more information the better to expedite requests.

  • Please plan enough time for your projects to allow requests to be processed.

  • No labels