2factor VPN - Service Description
The Office of Campus Information Security (OCIS) provides a higher-security VPN service called 2factor VPN which is intended for users who need to remotely access sensitive or secure data.
Because of the need for greater security when accessing certain kinds of secure information, the Office of Campus Information Security (OCIS) has established 2factor VPN, a higher-security VPN service for remote access. This service is intended to provide additional security (beyond what is available in WiscVPN) using the following measures:
- Authentication is certificate-based instead of being secured by NetID and password exclusively
- Users will connect using Cisco's Cisco AnyConnect SSL client instead of the current WiscVPN IPsec client
- All IP assignments are static (instead of dynamic)
- Includes intrusion detection and protection
The 2factor VPN service is intended primarily for DoIT staff and HRS project staff and is not currently available campus-wide. In order to access the 2factor VPN service, you must be added as an eligible user. Note that the WiscVPN service will continue to be available for those users who are not eligible for OCIS VPN access.
Those who are eligible to use the 2factor VPN service will first need to obtain a personal digital certificate in order to access the service. This is the same certificate used for digitally signing email (sometimes called PKI), and so some users may already have this certificate.
Users will also need to download and install the Cisco AnyConnect VPN client in order to access the 2factor VPN service. This client is available for Windows (both 32-bit and 64-bit versions) as well as Mac OS X (both Intel and PowerPC) and Linux.
For the downloading and installing Cisco AnyConnect VPN please see: 2factor VPN (Win) - Installing AnyConnect VPN client on Windows
The 2factor VPN service should be available 24 hours a day, 7 days a week. However, the service does have a regularly scheduled maintenance window on Sunday mornings from 9:00 AM to 11:00 AM. During this time, users may have trouble connecting to the 2factor VPN.