Approved Campus Remote Access Services

Summary

Per the Minimum Security Standards for Networked Devices Requirement #8: Remote Access Services, any service that provides or allows access to campus systems or networks from all (or significant portions) of the public Internet must be approved by the CISO -- see list below.

Units may also approve their own remote access services provided the services:

  1. Meet the implementation requirements outlined in MSSND 8: Remote Access Services Guideline, and

  2. Are in documented Unit policy. 

Approved Campuswide Remote Access Services

There are several ways to remotely connect to the campus network based on the type of business you are conducting. The bSecure Remote Access VPN (Campus VPN) is the preferred method to access the campus network. It allows CalNet ID–authenticated users to securely access the UC Berkeley network. This and other services that have been reviewed and approved by the CISO for campuswide use are listed below. 

  • bSecure Remote Access VPN (Campus VPN)
    The bSecure Remote Access VPN (Virtual Private Network) allows CalNet ID–authenticated users to securely access the UC Berkeley network from outside of campus as if they were on campus and encrypts the information sent through the network.
  • Remote Desktop Gateway (RD Gateway)
    The RD Gateway is open to the internet and relays authenticated connections to systems running Remote Desktop Protocol (RDP).
  • Berkeley IT Citrix 
    Enterprise applications hosted through the Berkeley IT-managed Citrix gateway may be accessed remotely.
  • Berkeley IT Citrix - Virtual Desktop Infrastructure (VDI) 
    Virtual desktop environment hosted through the Berkeley IT-managed Citrix gateway. These are virtual desktops, accessed securely via Citrix.
  • Library Proxy Service 
    The Library's Proxy Service is an alternative to using the Campus VPN (full tunnel) to access Library resources from off-campus.

Prohibited Remote Access Services

The following services are not permitted on the campus network.

Service

Notes

Tor Project

General use of the Tor project is permitted; however, operating a Tor project “exit node” on the campus network is prohibited. 

On This Page