Network Access and Authentication Policy

advertisement
UCSD CTRI STANDARD OPERATING PROCEDURE (SOP)
POLICY
Acceptable Use Policy: SOP-CTRI-002c
Section of: CTRI VPN Access Request
CONFIDENTIAL
Created: 02/05/2015
Target Audience: CTRI Network Users
Page 1 of 4
1.0 Policy Statement
To support the process of requesting VPN access to UCSD CTRI network resources,
all users of the UCSD CTRI resource shall conform to the guidelines detailed in this
policy.
2.0 VPN Access Request
2.1 Change Management Ticket
To request VPN access to UCSD CTRI resources a change management ticket
must be created in the UCSD CTRI Change Management system by sending an
e-mail request to ctri-support@ucsd.edu. Once the ticket is automatically created
a notification will be sent to the requestor verifying a change management ticket
has been created and it will contain a ticket number. A technical engineer will
then be assigned to the ticket.
2.2 Required Information for VPN Access to CTRI network resources
Information required for a Change Management ticket for VPN access
should consist of the following;
a) Sponsor requesting VPN connection/s
b) Sponsor e-mail address
c) Sponsors phone number
d) UCSD active directory (AD) user name of persons requiring VPN
access.
(If person/s do not currently have AD accounts reference section 2.4 of this
document)
e) Person/s requiring addition to VPN pool e-mail addresses
f) Name of VPN network pool to be added to;
 CTRI (Administration network)
 IDASH (iDash Network)
 KMDC
CTRI SSH Access Procedure
Confidential
UCSD CTRI STANDARD OPERATING PROCEDURE (SOP)
POLICY
Acceptable Use Policy: SOP-CTRI-002c
Section of: CTRI VPN Access Request
CONFIDENTIAL
2.3
Created: 02/05/2015
Target Audience: CTRI Network Users
Page 2 of 4
Request for VPN access for Active Directory users
Upon receipt of the ticket notification and provided that the request
includes all necessary information, the assigned technical engineer will
request the user/s be added to the appropriate VPN pool via e-mail to the
UCSD Host Master. (If additional information is required the assigned
technical engineer will send an e-mail request to the sponsor requesting
additional information. If a reply from the sponsor is not received by the
assigned technical engineer within two business days the ticket will be
closed and the sponsor notified via e-mail.) Once a reply is received by
the assigned technical engineer from the Host Master verifying the
requested users have been added to the VPN pool, the sponsor will
receive a notification from the assigned technical engineer the request has
been completed and the ticket will be closed.
2.4
Request for VPN Access for non-Active Directory users
If the requested users do not currently have UCSD Active Directory
accounts, the assigned technical engineer will reply to the sponsor
requesting consent via e-mail to add the users to the UCSD Active
Directory. (If the assigned technical engineer does not receive a response
from the sponsor within two business days, the request will be cancelled
and the ticket closed and the sponsor notified by e-mail). The sponsors
e-mail response will constitute acknowledgment that the requested
users are approved for AD access and the sponsor accepts
responsibility for those individuals. After the assigned technical
engineer receives the consent e-mail he will contact the Host Master and
request AD accounts and the accounts be added to the requested VPN
pool. Once the assigned technical engineer receives the AD user
accounts back from the Host Master, he will e-mail the sponsor and users
with the AD login names and temporary passwords. The users will be
required to login to the designated URL provided by the UCSD Host
Master to change their temporary passwords. The Sponsor will receive
a notification from the assigned technical engineer the request has been
completed and the ticket will be closed.
CTRI SSH Access Procedure
Confidential
UCSD CTRI STANDARD OPERATING PROCEDURE (SOP)
POLICY
Acceptable Use Policy: SOP-CTRI-002c
Section of: CTRI VPN Access Request
CONFIDENTIAL
Created: 02/05/2015
Target Audience: CTRI Network Users
Page 3 of 4
3.0 Service Level Agreement (SLA)
Notification of the ticket creation with ticket number will be sent immediately upon
receipt of sponsor/users request via e-mail to ctri-support@ucsd.edu. If additional
information is required notification will be sent by assigned technician.
If the user/s being requested for addition to the VPN pool have Active Directory
accounts and all information requested by the assigned technician has been
received, the request normally takes two business days. If the user/s being
requested for addition to the VPN pool do not have Active Directory accounts, the
ticket completion will be contingent upon the requested confirmation e-mail from
the sponsor, in addition to all other information requested, the request should then
be completed within four business days.
3.2 Ticket Closure
Upon sending the notification to the sponsor/users containing the UCSD Host
Master information by the assigned technical engineer the ticket will be closed
in the Change Management system and a notification of the ticket closure will
be sent to the sponsor/users.
CTRI SSH Access Procedure
Confidential
UCSD CTRI STANDARD OPERATING PROCEDURE (SOP)
POLICY
Acceptable Use Policy: SOP-CTRI-002c
Section of: CTRI VPN Access Request
CONFIDENTIAL
Created: 02/05/2015
Target Audience: CTRI Network Users
Page 4 of 4
____________________________________________________________________
Appendix A - Acronyms
ACT
AD
CTRI
E-Mail
IDASH
SLA
SOP
UCSD
VPN
Accrual Clinical Trials
Active Directory
Clinical Translational Research Institute
Electronic Mail
Service Level Agreement
Standard Operating Procedure
University of California San Diego
Virtual Private Network
CTRI SSH Access Procedure
Confidential
Download