TITLE: Virtual Private Network Policy And Fee Schedule
The purpose of this policy is to define policies and procedures for connecting to the Fifth Judicial District Department of Correctional Services (District) network via a Virtual Private Network (VPN) connection.
These standards are designed to minimize the potential exposure of the District from damages which may result from unauthorized use of District resources. Damages include the loss of sensitive or confidential data, intellectual property, damage to public image, damage to critical District internal systems, etc.
A remote linkage to the District network through the District VPN is considered an extension of the District network and is subject to all security and appropriate use polices established by the District.
This policy applies to all District employees, contractors, vendors and agents with a District -owned or personally-owned computer or workstation used to connect to the District network through the VPN.
- The District Director or his/her designee will approve access to the District VPN.
- Authorized VPN users will be required to review and sign off on the following related policies before access is permitted:
- Acceptable Use Policy
- Remote Access Policy
- Wireless Communications Policy
- The District Director reserves the right to terminate VPN access rights at any time.
- The District Director may authorize VPN use for persons outside the Districtâ€™s employ. The District Director at his/her discretion may charge and collect fees associated with said access. See VPN Fee Schedule for current rates and charges.
- Authorized users utilizing personal computers for VPN access must follow the hardware/software guidelines established in Remote Access Policy.
- Authorized users will be issued an RSA SecureID card and 4 digit PIN code.
- SecureID cards and PIN codes are not to be shared with others.
- SecureID cards are to be securely stored when not in use.
- PIN codes are not to be written in a conspicuous place or kept with SecureID card.
- Lost SecureID cards will be reported immediately to the supervisor and Technical Support.
- Technical Support must be contacted to reset forgotten PIN codes.
- Cisco VPN Client software will be installed and configured on the authorized users computer by Technical Support.
- Authorized users will have a valid DOC domain user account or user account on a trusted domain.
The VPN "tunnel" is established by connecting and authenticating to the VPN server. Only authorized users with a properly configured Cisco VPN client that have been issued SecureID cards and PIN codes will be able to authenticate to the VPN server. The following steps detail the authentication procedure.
- Click on Start > Programs > Cisco VPN Client > VPN Dialer (figure 1)
- Select "Washington Campus" from the Connection Entry dropdown and click "Connect." (see Figure 2)
- In the "User Authentication for Washington Campus" window, enter your username and passcode and click "OK." The passcode will be your four (4) digit PIN code followed by the six (6) digit number displayed on your SecureID card. (see Figure 3)
- Improperly supplied credentials will cause authentication to fail (see figure 4.)
- Users must wait until their six-digit number on their RSA SecureID card changes before attempting authentication again. Each set of random numbers is only valid for one authentication attempt.
- Three invalid attempts will lock the RSA SecureID card. Technical Support will need to be contacted to unlock the SecureID card.
- Once authenticated to the network through the VPN, a gold padlock will appear in the system tray next to the time display (see figure 4.) NOTE: Once authenticated to the VPN, access to systems outside of the Fifth Judicial District/ICN connection will no longer work, including outside web sites. Access to these systems will be restored once the VPN is disconnected.
- To disconnect from the VPN, right click on the padlock and click on the "Disconnect" menu option (see Figure 5.)
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.