Contents
- Why is the university moving to this model?
- What are the benefits of moving to a protected network?
- How does moving to the NC State Protected Network secure my device?
- What types of devices should we move to the NC State Protected Network?
- How will I access my PC from off-campus?
- After the transition, what happens if remote access to my device from off-campus is required?
- How does this move impact me?
- Who do I contact if there is a problem?
- What are the challenges to moving to a protected network?
- What should NOT be moved into the NC State Protected Network?
- Can rules be added to a protected network to allow access to my connected devices?
Why is the university moving to this model?
Adopting this policy and supporting the move to protected networks would be a large step toward mitigating attacks on campus. It is also in line with a larger university goal to secure wired and wireless networks.
What are the benefits of moving to a protected network?
Equipment moved to a protected network is no longer subject to attacks or scans from malicious entities on the Internet. This solution will also allow us to secure departmental systems with a simple modification to the network that requires little work from local IT staff and no action on the part of the customer.
How does moving to the NC State Protected Network secure my device?
With this transition, we can enforce a simple yet effective security policy to customer equipment protecting these devices from outside threats. At the same time, it allows unrestricted access to the rest of campus and the Internet.
What types of devices should we move to the NC State Protected Network?
As we move towards applying a more consistent security model for our campus networks, departmental equipment should be secured from the Internet. These could include:
- Laptops
- Desktop PCs
- Laboratory equipment
- and any other device with a wired connection to the network.
How will I access my PC from off-campus?
Currently, certain types of remote access to equipment from off-campus require the Virtual Private Network (VPN) client provided by ComTech. Once the network has been transitioned, the VPN client must be used for all remote access.
After the transition, what happens if remote access to my device from off-campus is required?
If the access is required for NC State-affiliated individuals they may use the NC State VPN provided by ComTech. If non-NC State-affiliated individuals require access, the device will need to be transitioned out of the NC State Protected Network and into an unprotected network.
How does this move impact me?
During the scheduled maintenance window for this move, there will be a brief interruption of all network services of approximately 10 minutes. Once the network is moved to the new environment, we would work with local IT support to ensure all needed access is available.
Who do I contact if there is a problem?
Your local IT support is your first point of contact if there is an issue with your system connectivity. If some access has been removed for a particular system, we will work quickly with the local IT support to resolve the issue.
What are the challenges of moving to a protected network?
Most traffic originates from the client’s PC to an external host. Traffic originating from off-campus to our client PCs is not the typical flow of traffic. Although we will work with the local IT support to determine the departmental applications used, there may be applications or devices that may not work as expected. We will work with the local IT support to resolve the issue if this happens.
What should NOT be moved into the NC State Protected Network?
Some systems are not candidates for moving to a protected network, such as:
- Equipment needing to be accessed by an external vendor or other outside entity without NCSU VPN access.
- Departmental Servers accessed from the Internet (web servers, etc.)
- Polycom devices
- Specialized devices that already have their own secured Networks (PCI, SCADA, COPY/PRINT, etc.)
Can rules be added to a protected network to allow access to my connected devices?
Your local IT support is your first point of contact if there is an issue with your system connectivity. In the event that some access has No. Due to the broad and general use of the NC State Protected Network, no additional security exceptions will be added to support connectivity to a specific device. If a device needs to be accessed from off-campus by a non-NCSU affiliated entity, then the device will need to be moved to an unprotected network.