OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

UCSF Campus VPN System

Information for New Students

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What We Will Cover Today

• What is a VPN?

• Why do I need a VPN?

• What do I need to do to use the SSL VPN?

• How do I use the SSL VPN system?

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What Is a VPN?

• VPN stands for Virtual Private Network– A network being used to transport another

network• A VPN is used to connect computers to

networks and networks to networks• VPNs can be created with hardware,

software or a combination of both• VPNs can also protect information with

encryption– Encryption is not required for a VPN, but it

is recommended, and is used on our VPN

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Why Do You Need a VPN?

• VPNs are most often used for one of two reasons:– To give you access to something you could

normally only access if you were there (like sitting at your desk at work, or using a computer directly on the UCSF campus network)

– To protect your communications

• Many times a VPN is in place for both reasons

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

From You to UCSF

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

How it Feels With a VPN

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What Is the VPNUsed For at UCSF?

• To access non-public (proprietary) Campus resources (e.g., Library Databases)

• To access data which needs to be protected (HIPAA, SB1386, PCI)

• Protecting yourself on public networks– Do you want people at your coffee shop to

know your passwords?

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

This Is the Scary Slide

• You are vulnerable on open wireless networks– Wireless networks can be “listened” to by

anyone with a wireless laptop and the right kind of software

• Even with a VPN your computer needs additional protection– Anti-virus, Anti-spyware, Firewall/Intrusion

Prevention Software (this is called “layered protection)

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What Is a SSL VPN?

• SSL stands for Secure Sockets Layer• A system that utilizes Java and your

web browser to connect a single computer to the UCSF Campus Network

• OAAIS uses the Juniper Secure Access VPN system

• We will show you how to use it a bit later

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Why Did WeChoose Juniper?

• The Juniper SSL VPN is easer for users because it does not require installation of special software clients

• The Juniper SSL VPN system is easer for administrators to manage

• The Juniper SSL VPN supports more platforms than their competitors

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

How Are Things Done With the vpn@UCSF System?

• Software is installed on-demand• Software is updated on-access• Not all functions require client side

software• Even if your platform isn’t

supported you can access the basic features through the web browser

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

So What Do I Need to Do?

• Go to https://vpn.ucsf.edu and start using it– Yes, it’s that easy!

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What If I Use TheMedCenter VPNs?

• The Juniper SSL VPN software is safe to have on the same system as the Cisco VPN

• MedCenter also has a Juniper SSL VPN

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Before We Go Further

• Questions?– Is everyone clear about VPNs?

– Do any of you have questions about the UCSF VPN thus far?

• Comments?

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Getting Started

• Before you can do anything you have to be connected to the Internet before you login to the VPN

• Students will login to the VPN using their username (SAA UserID) and password (PIN), which are assigned by the Registrar’s Office.

• If you have trouble with your VPN account, call OAAIS Customer Support at (415) 514-4100, option 2

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

What If You Havea Problem?

• The usual problem is an old version of Java – try updating it if you experience problems

• Test your web browserhttp://its.ucsf.edu/information/network/vpn/test/

• It will tell you if you are on the UCSF network or not and what version of Java you are running

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Officially Supported Platforms

• You aren’t limited to this, but if it is not on this list OAAIS can’t provide assistance– Windows Vista 32-bit: Internet Explorer 7.0 and Firefox 2.0– Windows XP Pro SP 1: Internet Explorer 6.0, Firefox 2.0– Windows XP Pro SP2: Internet Explorer 7.0, Internet

Explorer 6.0, Firefox 2.0– Windows 2000 SP4: Internet Explorer 6.0, Internet Explorer

5.5, Netscape 8.0, Firefox 1.5– Mac OS X 10.4.3: Safari 2.0– Mac OS X 10.3.2: Safari 1.1, Internet Explorer 5.2– Mac OS X 10.2.8: Safari 1.0– Mac 9.2: Internet Explorer 5.1.5 and Netscape 4.79

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Accessing vpn@UCSF

• Browse to https://vpn.ucsf.edu

• Log In

• It’s that simple!

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Home Page

• Once you have logged in you see your home page.

• Use your home page to save links to web sites and files. No one can see them but you.

• From this page you can go anywhere

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Lets Talk Aboutthe Quick Start Guide

• It walks you through all of the things you can do from the Browse bar

• Available in PDF and HTML on the OAAIS web sitehttp://its.ucsf.edu/information/network/vpn/ssl/

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

The Browse Bar

• All Graphical Web Browsers– Web Sites– Windows/Samba File Servers

• Windows, MacOS X and Linux– SSH Client– Telnet Client

• Windows Only– Windows Remote Desktop/Windows

Terminal Server– Citrix Terminal Servers

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Lets Talk Aboutthe User Guide

• It has a detailed description of how to use all of the standard features and Network Connect

• Available in PDF on the OAAIS web sitehttp://its.ucsf.edu/information/network/vpn/ssl/

• Does not cover Secure Application Manager

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Web Bookmarks

• Just like Bookmarks or Favorites in your web browser

• Gives you quick access to site you use frequently

• WARNING:Don’t use your own bookmarks or type anything in to the browser URL bar… add your favorite bookmarks within the VPN browser window instead

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Client Application Services

• Where you launch the client software

• Network Connect– Full IPSEC tunneling client. Students

would rarely need to use this.

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Network Connect

• Works for Windows, MacOS X and Linux– Very picky about your Java setup under

Linux

• Makes your computer part of the UCSF network– You get a UCSF network address– Just like you are here, only slower because

your connection is encrypted

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Personalizing YourHome Page

• You can make basic changes to tailor your experience– One or two columns– Order of objects– “Minimize” objects you don’t need

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program

http://isecurity.ucsf.edu or 415.514-3333

Providing a free and easy VPN service to the UCSF community

https://vpn.ucsf.eduVisit the OAAIS website for more information and the documentationhttp://its.ucsf.edu/information/network/vpn/