Frequently Asked Questions - ISO Services

Common questions about The Information Security Office service offerings

How is the rVPN monitoring different from being on campus?

The degree of monitoring on campus varies depending on the location of the system. For most users the only traffic that is inspected for signs of compromise is traffic that goes off of the campus network or is directed at systems protected by our firewalls. For people on networks protected by a firewall there is additional monitoring at the firewall location.

When it comes to the Restricted VPN the monitoring occurs for almost every packet that leaves the systems connected to the VPN.

Should the Restricted VPN (rVPN) be used full time?

Because of the increased monitoring, most users will only want to use the Restricted VPN for access to the systems that host the restricted data. Beyond that, it is probably preferable to use the normal VPN.

Who is eligible for the Restricted VPN (rVPN) service?

Individuals who access and control a large quantity of restricted data or key IT infrastructure as part of their normal business activity may be eligible for this service. Individuals who use the data are not necessarily eligible. This service is for those with a high level of access to bulk quantities of this data. Additionally, researchers working in heavily targeted areas may be eligible for this service.

To confirm eligibility, please contact rvpn@...

What traffic is blocked by the rVPN?

Traffic from this service is blocked if it is going to or coming from a list of IP addresses, hostnames and URLs the security department believes are involved in malicious activity. These lists are derived from both our own monitoring and from reputable third party sources. Additionally, traffic that is detected as malicious, where the severity of the activity is set as a medium (or higher) level by Palo Alto networks (our VPN and firewall vendor), is also blocked.

How is the rVPN different from the regular VPN service?

The regular VPN service is intended to allow members of the campus community to access campus resources without having to be physically present on the campus. The Restricted VPN is meant to not only allow people remote access to the network, but to also enforce stricter security controls including blocking some traffic, logging all network traffic, detecting signs of unusual activity to or from the clients and using security profiles to block any malicious or vulnerability related traffic that has a rating of medium severity or higher.

As part...

What happens if I am running a Windows 7 computer after Jan. 14, 2020?

If you are running Windows 7 you are unsupported and out of compliance with campus policy. What happens next: Feb. 1, 2020 - ISO notifies Windows 7 systems users to disconnect from the campus network Mar. 1, 2020 - ISO blocks Windows 7 devices seen on the campus network

Please note: In the event that a Windows 7 exploit is released before Mar. 1, ISO reserves the right to immediately block any vulnerable device per the Blocking Network Access Policy.

Exceptions

...

What do I do if I've disclosed or shared data that was protected?

First off, what is a disclosure?

It's the intentional or unintentional release of protected or private/confidential information to an untrusted environment or to unauthorized individuals.

Process for reporting a disclosure Remove the disclosed information as soon as possible Immediately report the incident to the Information Security Office Notify your supervisor

How can I get help from IT on Windows 7 End of Life?

Please fill out this request form only if you have not already been in contact with campus IT professionals (either through your department or IT Client Services) regarding the upgrade of your current Windows 7 computer, purchase of a new computer, or security exception application.

What should I do after my CalNet gets unlocked?

Now that your CalNet account has been unlocked, you must reset your passphrase as follows:

Go to https://mycalnet.berkeley.edu

Select "Forgot my CalNet ID / Passphrase"

Enter your Student, Employee, or Affiliate ID NUMBER, or recovery email address

Confirm that you are not a robot by selecting all of the applicable images

Once you receive the email to reset your...

Where can I get detailed questions answered regarding the new IS-3?

Units interested in detailed information about IS-3 controls; roles and responsibilities; and implementation tools from the UC Systemwide Policy Office can contact ISO at security@berkeley.edu to request access to the systemwide materials.