SSLVPN is a web based service, which uses your local computer's internet connection to access
BIDMC/CareGroup IP Servers. To connect to the system, you must set up your home system to connect to the internet either through a dial-in, DSL or Cable Modem Internet Service Provider (ISP) and then launch the https://secure.bidmc.harvard.edu
website in a browser.
SSLVPN is a web based VPN that does not require a user to install VPN client software on remote devices. Users can make a secure connection from any laptop or desktop PC with any supported browser.
The secure gateway home page provides secure access to corporate content, applications, resources, and services. The secure gateway does not replace corporate intranet or extranet home pages but enables you to perform additional tasks through a secure connection.
Additional help can be found at http://issecurity.bidmc.harvard.edu/sslvpn .
DEFINITION, RECOMMENDATIONS, DISCLAIMERS and INSTALLATION INSTRUCTIONS
Please carefully read the following before you begin using the CareGroup SSLVPN.
DEFINITION:
An SSLVPN is a based VPN that does not require a user to install VPN client software on remote devices. Users can make a secure connection from any laptop or desktop PC with any supported browser.
The secure gateway home page provides secure access to corporate content, applications, resources, and services. The secure gateway does not replace corporate intranet or extranet home pages but enables you to perform additional tasks through a secure connection.
A Network Connect "virtual private network" refers to creating an encrypted data exchange between a client and a destination network using a path which transmits over a public, nonsecure carrier. The VPN can therefore run over the public phone network using a dial-up or
ISDN data line or over the public Internet using Internet feeds which are already in place. In both cases, the client's data is secure and private.
The Network Connect VPN can therefore be used by a client who already has a highspeed 'always-on' Internet connection (e.g. cable-modem, DSL, networked office directly connected to an ISP). In this case, the Network Connect VPN client creates its encrypted
'tunnel' effect over the public Internet and into the corporate Internet connection to
CareGroup.
The Network Connect VPN can therefore be used by a client who regularly dials into an
ISP using a 56K modem or ISDN connection. The Network Connect VPN client will sense the already established dial-up connection if separate software is used, or it will work in conjunction with Microsoft's Dial-Up Networking 1.3 or higher to dial the ISP. In either case, it will then create its encrypted tunnel over the ISP's Internet link which will then connect into CareGroup.
RECOMMENDATIONS:
The Network Connect VPN solution is NOT needed to access any of the resources below:
A user needs publicly available CareGroup resources, including many Intranet
( http://home.caregroup.org
) links. The VPN is not needed for key CareGroup applications such as CareWeb or Microsoft Outlook, which have their own secure, wide-area access solutions.
a user needs a secured, encrypted method to access CareGroup clinical or fiscal information.
a user needs to login to the ITS domain for access to other server-based resources (such as NT File Servers).
CareGroup IS recommends the use of Network Connect with the SSLVPN when:
a user needs a secured, encrypted method to access applications run locally on their remote system that access data on the CareGroup network. For example, if you run the full Outlook client rather than using Outlook Web Access.
DISCLAIMERS:
CareGroup Information Systems considers network access via the VPN to be a convenience to our users. As such, the I.S. Support Center (617-754-8080) will only provide phone support during normal business hours (Monday through Friday from 8 AM to 5 PM).
CareGroup IS can only provide limited support for the SSLVPN used on non-CareGroup
PCs or workstations. While the SSLVPN has been tested on numerous hardware and operating system platforms, the complexity of the application makes it impractical to fully support non-CareGroup equipment. The limited support includes basic VPN software troubleshooting, but NOT hardware support or on-site visits by CareGroup IS personnel.