UCSD CTRI STANDARD OPERATING PROCEDURE (SOP) POLICY Acceptable Use Policy: SOP-CTRI-002c Section of: CTRI VPN Access Request CONFIDENTIAL Created: 02/05/2015 Target Audience: CTRI Network Users Page 1 of 4 1.0 Policy Statement To support the process of requesting VPN access to UCSD CTRI network resources, all users of the UCSD CTRI resource shall conform to the guidelines detailed in this policy. 2.0 VPN Access Request 2.1 Change Management Ticket To request VPN access to UCSD CTRI resources a change management ticket must be created in the UCSD CTRI Change Management system by sending an e-mail request to ctri-support@ucsd.edu. Once the ticket is automatically created a notification will be sent to the requestor verifying a change management ticket has been created and it will contain a ticket number. A technical engineer will then be assigned to the ticket. 2.2 Required Information for VPN Access to CTRI network resources Information required for a Change Management ticket for VPN access should consist of the following; a) Sponsor requesting VPN connection/s b) Sponsor e-mail address c) Sponsors phone number d) UCSD active directory (AD) user name of persons requiring VPN access. (If person/s do not currently have AD accounts reference section 2.4 of this document) e) Person/s requiring addition to VPN pool e-mail addresses f) Name of VPN network pool to be added to; CTRI (Administration network) IDASH (iDash Network) KMDC CTRI SSH Access Procedure Confidential UCSD CTRI STANDARD OPERATING PROCEDURE (SOP) POLICY Acceptable Use Policy: SOP-CTRI-002c Section of: CTRI VPN Access Request CONFIDENTIAL 2.3 Created: 02/05/2015 Target Audience: CTRI Network Users Page 2 of 4 Request for VPN access for Active Directory users Upon receipt of the ticket notification and provided that the request includes all necessary information, the assigned technical engineer will request the user/s be added to the appropriate VPN pool via e-mail to the UCSD Host Master. (If additional information is required the assigned technical engineer will send an e-mail request to the sponsor requesting additional information. If a reply from the sponsor is not received by the assigned technical engineer within two business days the ticket will be closed and the sponsor notified via e-mail.) Once a reply is received by the assigned technical engineer from the Host Master verifying the requested users have been added to the VPN pool, the sponsor will receive a notification from the assigned technical engineer the request has been completed and the ticket will be closed. 2.4 Request for VPN Access for non-Active Directory users If the requested users do not currently have UCSD Active Directory accounts, the assigned technical engineer will reply to the sponsor requesting consent via e-mail to add the users to the UCSD Active Directory. (If the assigned technical engineer does not receive a response from the sponsor within two business days, the request will be cancelled and the ticket closed and the sponsor notified by e-mail). The sponsors e-mail response will constitute acknowledgment that the requested users are approved for AD access and the sponsor accepts responsibility for those individuals. After the assigned technical engineer receives the consent e-mail he will contact the Host Master and request AD accounts and the accounts be added to the requested VPN pool. Once the assigned technical engineer receives the AD user accounts back from the Host Master, he will e-mail the sponsor and users with the AD login names and temporary passwords. The users will be required to login to the designated URL provided by the UCSD Host Master to change their temporary passwords. The Sponsor will receive a notification from the assigned technical engineer the request has been completed and the ticket will be closed. CTRI SSH Access Procedure Confidential UCSD CTRI STANDARD OPERATING PROCEDURE (SOP) POLICY Acceptable Use Policy: SOP-CTRI-002c Section of: CTRI VPN Access Request CONFIDENTIAL Created: 02/05/2015 Target Audience: CTRI Network Users Page 3 of 4 3.0 Service Level Agreement (SLA) Notification of the ticket creation with ticket number will be sent immediately upon receipt of sponsor/users request via e-mail to ctri-support@ucsd.edu. If additional information is required notification will be sent by assigned technician. If the user/s being requested for addition to the VPN pool have Active Directory accounts and all information requested by the assigned technician has been received, the request normally takes two business days. If the user/s being requested for addition to the VPN pool do not have Active Directory accounts, the ticket completion will be contingent upon the requested confirmation e-mail from the sponsor, in addition to all other information requested, the request should then be completed within four business days. 3.2 Ticket Closure Upon sending the notification to the sponsor/users containing the UCSD Host Master information by the assigned technical engineer the ticket will be closed in the Change Management system and a notification of the ticket closure will be sent to the sponsor/users. CTRI SSH Access Procedure Confidential UCSD CTRI STANDARD OPERATING PROCEDURE (SOP) POLICY Acceptable Use Policy: SOP-CTRI-002c Section of: CTRI VPN Access Request CONFIDENTIAL Created: 02/05/2015 Target Audience: CTRI Network Users Page 4 of 4 ____________________________________________________________________ Appendix A - Acronyms ACT AD CTRI E-Mail IDASH SLA SOP UCSD VPN Accrual Clinical Trials Active Directory Clinical Translational Research Institute Electronic Mail Service Level Agreement Standard Operating Procedure University of California San Diego Virtual Private Network CTRI SSH Access Procedure Confidential