Ƶ

Top Searches:

Ƶ Guitar Studios Spring Recital Apr 7, 2026

Present Laughter Apr 9-17, 2026

The Cherry Orchard Apr 10-18, 2026

Troilus & Cressida Apr 11-19, 2026

Ƶ School of Filmmaking Presents an Afternoon of One-Act Plays Apr 11, 2026

Special Screening: Invisible Nation Apr 11, 2026

See All Events
 
Home > Ƶ Policy Manual > 500. Information Technology > Virtual Private Network (VPN) Regulation 510

Virtual Private Network (VPN) Regulation 510

Regulation 510 Approved: February 17, 2011
UNIVERSITY OF NORTH CAROLINA SCHOOL OF THE ARTS
Virtual Private Network (VPN) Regulation
Regulation 510
Source of Authority: N.C.G.S. § 116-34(a)
UNC Code § 502(A)
Revision Authority: Chancellor
History: First Issued: February 17, 2011
Related Policies: IT Account Management Regulation 503;
Technology Use Regulation 508
Responsible Offices: Chancellor
Effective Date: February 17, 2011

I. Purpose

This regulation provides guidelines for Remote Access Virtual Private Network (“VPN”) connections to the Ƶ trusted administrative network.

II. Scope

This regulation applies to all Ƶ employees, contractors, consultants, temporary employees, and other workers including all personnel affiliated with third parties utilizing VPNs to access the Ƶ network.

This regulation applies to implementations of all VPN that are directed through any type VPN Concentrator.

III. Definitions

A. “User Managed Service” means the that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees.

IV. Regulation

A. Approved Ƶ employees and authorized third parties (customers, vendors, etc.) may utilize the benefits of VPNs, which are “user managed” services.

B. It is the responsibility of employees with VPN privileges to ensure that unauthorized users are not allowed access to Ƶ internal networks via their VPN.

C. VPN use is to be controlled using password authentication.

D. Only VPN clients approved by Ƶ’s Information Technology Department (“IT”) may be used.

E. By using VPN technology with personal equipment, this personal equipment is a de facto extension of Ƶ’s network, and as such is subject to the same, policies, rules, and regulations that apply to Ƶ-owned equipment.

F. All computers, including personal computers, connected to Ƶ internal networks via VPN or any other technology must use the most up-to-date anti-virus software that is the administrative standard.

G. All computers connected to Ƶ internal networks via VPN must have the latest operating system and security patches applied.

H. Users of computers that are not Ƶ-owned equipment must configure the equipment to comply with the Ƶ Technology Use regulation.

I. Peer-to-peer software is not allowed over VPN.

J. Anyone found to have violated this regulation may have their network access privileges temporarily or permanently revoked.

V. Revision History

A. February 17, 2011 – Adopted by Board of Trustees as part of Ƶ Policy Manual

UNIVERSITY OF NORTH CAROLINA SCHOOL OF THE ARTS

Virtual Private Network (VPN) Procedures

Procedure 510

I. Requesting Access. To request VPN access, the employee must complete the VPN access request agreement form and submit it to the CTO. The agreement is available at Information Technology website.

II. VPN Operations

A. When actively connected to the administrative network, VPNs will force all traffic to and from the PC over the VPN tunnel; all other traffic will be dropped.

B. VPN gateways will be set up and managed by the Ƶ IT Department.