Introduction
Virtual Private Network (VPN) technology is used at several points on the University network to protect computer systems that contain sensitive data. Examples include access to Oracle, remote connections to the UVa More Secure network, remote access to the Clinical Subnet, and other similar services. A VPN encrypts all of the network traffic between your computer and the remote network and provides your computer with access to the protected resources.

The Oracle Special Services VPN is a service focused on users who have been granted a special level of access to the Integrated System. Users are typically told that they will need to use the Special Services VPN by Integrated System staff. This service is only available for use by individuals approved by ISDS staff.

The servers and services protected by the Oracle Special Services VPN system contain a wide variety of sensitive and privileged data. Thus, two factor authentication is required for access to the system. The two factors used are (a) possession of a hardware identity device (a Rainbow iKey) and (b) knowledge of the password for the device. Your computer will need to have the iKey software drivers installed before you will be able to use the device on your computer. The required two-factor authentication solution is only available on the Windows platform at this time.

VPN Software and Computer System Support
The Oracle Special Services VPN is a service that is supported by your department's LSP. Your LSP can contact ITC via the secnet-info@Virginia EDU email alias to request access to the Oracle Special Services VPN, obtain the hardware identity token, and then assist you with the installation of the iKey software and the configuration of the VPN client.

• LSPs can click here for the the installation and operation documentation.
• Procedural and diagnostic information for LSPs is available here.

As an end user, the critical items for you to remember are to always protect your iKey hardware token, to never share it with anyone, and to remember the password to the device. If you enter the password incorrectly several times in a row, the device will become locked and it will have to be reprogrammed by ITC before it can be used again. ITC can not reset your iKey's passphrase remotely, reprogramming the device is the only option. Please be careful to always remember your password.

Oracle Special Services VPN Computer Security Requirements
Due to the sensitive nature of the data that you will be able to access using the Oracle Special Services VPN, there are several security requirements for how the computer that you use to access the service is managed. Your LSP will ensure that the following requirements are met before enabling your new VPN access:

1. Your computer has been migrated to the UVa More Secure Network
   
2. Anti-virus software with automatic updates is configured and running on your system. A managed Norton anti-virus configuration similar to ITC's free service service is preferred.
   
3. Automatic Windows Update is enabled and configured to automatically install updates from Microsoft. A managed configuration similar to the free ITC service is preferred.
   
4. Anti-Spyware software is installed and enabled on the computer. Webroot Spy Sweeper is available for download from ITC Software Central.

ITC and ISDS strongly encourage departments to provide university laptop computers to users who must access the Oracle Special Services VPN from home. While a personal home computer may be well managed and secured and the iKey/VPN software can be installed on a personal system, its harder to ensure that the proper level of system maintenance is happening on a routine basis in a home environment.