This remote access policy defines standards for connecting to the organizational network and security standards for computers that are allowed to connect to the organizational network. It also specifies how remote users can connect to the main organizational network and the requirements for each of their systems before they are allowed to connect.
The remote access policy defines the method users can use to connect remotely such as VPN. It will specify when using the VPN, the VPN protocols used will be defined. Methods to deal with attacks should be considered in the design of the VPN system.
The purpose of this policy is to define standards for connecting to remote offices located in Atlanta, San Francisco, Chicago, and Dallas. These ...view middle of the document...
Only upon approval will the account settings be changed to allow remote access.
4.0 Remote Computer Requirements
1. An anti-virus product is required to be operating on the computer at all times in real time protection mode.
1. The anti-virus product shall be operated in real time on the computer. The product shall be configured for real time protection.
2. The anti-virus library definitions shall be updated at least once per day.
3. Anti-virus scans shall be done a minimum of once per week.
No one should be able to stop anti-virus definition updates and anti-virus scans except for domain administrators.
2. The computer must be protected by a firewall at all times when it is connected to the internet.
5.0 Remote Connection Requirements
The remote user shall use virtual private networking (VPN). VPN uses a local connection to an internet service provider (ISP) and creates a tunnel through the local ISP connection to the organizational network. This section specifies the requirements for VPN connections.
5.2 VPN Requirements
1. Client Check - A requirement that must be set for VPN clients is that a firewall must be installed and operational. Also Anti-virus software must be installed and operational. If the VPN client does not meet the criteria, either the connection is not allowed or the client can only access a limited area where they can get the software needed to meet the requirement.
2. The connection choices are PPTP, L2TP, IPSec, and SSL. The connection shall use IPSec which encrypts the data sent through the connection.
3. Authentication - For authentication of the user, the dial in connection shall use Internet Key Exchange (IKE) with digital certificates. The other choice is Internet Key Exchange (IKE) with a preshared key.