VPN Policy
METU NCC Remote Access and VPN Service Use Policy
Access to management functions of campus systems such as ssh, remote desktop, etc. remotely (meaning off campus or off campus network; these terms will be used in this text interchangeably with the same meaning) and remote access (access from outside the campus network) to all METU NCC / METU resources/services (that remote access has been approved by campus management) will only be made via VPN services; and not directly over the Internet (via the software like Teamviewer, etc.) and/or via campus firewall exemption rules (if not otherwise exempted from this rule by the instruction of the campus management). Users accessing METU NCC/ METU network resources/services remotely, will reach only the resources that they need to access to fulfill the academic or administrative work.
VPN Description
VPN is the abbreviation of Virtual Private Network. The VPN provides a secure connection to users to access their institution and its resources through an encrypted tunnel (providing data integrity (which ensures no data will be changed without undetected during transmission or transit) and preventing intervene of third parties to the communication) over the Internet access (from any device that has an Internet connection).
The following diagram depicts the VPN connection:
Aim and Scope of METU NCC VPN Service
METU NCC students (at this stage) will not be able to benefit from METU NCC VPN service. METU NCC students will be able to access METU services/resources which are only permitted to METU campus IP block and library (electronic) resources via their personal computers or mobile devices while they are off campus (or while not on campus network) through METU Ankara VPN service.
2. Academic / Administrative Staff:
It is intended to enable METU NCC Staff access the resources mentioned under the "After establishing the METU NCC VPN connection, which resources will I be able to reach?" heading at http://netregister.ncc.metu.edu.tr/vpn via their personal computers or mobile devices while they are off campus (or while not on campus network). Please note that, for METU NCC Staff, access to library (electronic) resources off campus (or while not on campus network), will only be possible through METU Ankara VPN service, but access to any METU NCC resource will only be done via METU NCC VPN Service.
3. Private Companies (Contractors, Suppliers, Maintenance/Support Companies, etc.)
All of the employees of the private companies (all companies working on-site is under this category; including EBİ. A.Ş., etc.) that work for METU NCC and provide service or support, will do all of their work (tracking or monitoring the status of the devices, services or software, doing software/service, etc. deployment, development or improvement, doing maintenance/repair/patch work and so on) on/regarding campus resources via METU NCC VPN Service, while off campus (or while not on campus network). With this service, it is intended to enable the safe access of the related company employees, to the METU / METU NCC resource in need to do the job, while off the campus network. In order to be able to use this service, the private companies will need to fill and sign the “METU NCC VPN Service for Companies Application Form” that they will get via the METU NCC unit they work for, at least 10 business days earlier from the intended date of first use of the service. The form will be sent to the approval of a series of related METU NCC units and the campus management via the internal F-43 form. If the application is approved by the campus management, the information and account necessary to set up, configure and get connected to the METU NCC VPN service will be transmitted to only the company employee(s) indicated in the application form by METU NCC Staff. Unless the METU NCC unit that company is in direct work relationship approves that the request is due to a legitimate reason, the application gets directly rejected. METU NCC, at all times/circumstances, reserves the right to reject the application in question and get the work done by the company, on-site (at METU NCC campus).
Rules for Using METU VPN Service
1. The METU NCC VPN Service, which is provided to METU staff and METU NCC management authorized private company employees, should be used in accordance with the METU Information Technology Resources Use Policy which is given on the link.
2. The state allocates and grants to the University financial resources in order to accomplish computer networking technology investments that will primarily aid the instructional, academic, research and administrative objectives of the University. The personal use of the VPN service by the users should in no way disrupt access priorities of those users that use the network for such instructional, academic, research and administrative objectives.
3. In this respect, the users can find the guidelines for the appropriate use of VPN service; the rules and regulations that the users must comply with and misconducts & prohibited behaviors as follows
3.1. Using Peer-to-peer (P2P) file sharing programs via VPN connection, is strictly forbidden. VPN users should disable such applications before connecting to VPN service and keep them off during their VPN usage.
3.2. It is forbidden to use VPN service for commercial purposes or for activities of private gain.
3.3. It is forbidden to use network resources for mass mailing, mail bombing, sending spam and users are not allowed to provide the means to the third parties to perform similar acts.
3.4. It is forbidden to make any activity that my risk the security of other users, such as DOS or port scan.
3.5. VPN users are responsible for any damage arising from the use of METU VPN service as well as, intentionally or non-intentionally allowing others to use this service.
3.6. It is forbidden to use VPN resources for running network services (such as DHCP, DNS, BOOTP, Proxy, etc.) or announcing routing protocols.
3.7. Users should use Operating Systems on their devices while using this service that technical and security support is not discontinued. They should keep their device's operating system and running software/applications/anti-virus up to date. METU NCC Directorate of Information and Communication Technologies (METU NCC DICT) might check on this condition during the VPN authorization and might not allow the connection till they conform this condition, without prior notice to the user.
4. Users who are found to violate these rules, can be applied one or more of the below penalties.
4.1. Restraining the use of VPN service,
4.2. Disabling the user code on the central systems or changing the password,
4.3. Starting investigation via University Authorities,
4.4. Starting legal investigation.
5. The users, who has been proven to have disregarded or violated the rules and regulations, will be forewarned via on-line written notice. Any user who has failed to receive the notice, can gain information from METU NCC DICT ncc-ccmetu.edu.tr (ncc-cc
6. These rules and regulations become effective as soon as they are publicized. The University and METU NCC DICT reserves the right to amend these Rules and Regulations at any time without prior notice, moreover these Rules and Regulations will be reviewed periodically and amended if necessary. The updated version of the rules and regulations can be viewed in the same address. You can contact ncc-ccmetu.edu.tr (ncc-cc
metu.edu.tr) for your questions.
1. All METU NCC staff and METU NCC management authorized private company employees use VPN service in accordance with METU Information Technology Resources Use Policy. METU NCC Staff use their METU NCC user account details, and authorized private company employees use the credentials provided to them by METU NCC DICT for the service authentication and authorization.
2. METU NCC VPN service will be operational 7x24 except outages.
3. In case of failure;
3.1. The service failures, occurring within working hours will be fixed as soon as possible.
3.2. The service failures, occurring outside working hours will not be treated as urgent and will be fixed starting from next business day.
3.3. In case of hardware failure it is possible have long outages.
4. Long outages of VPN service will announced on METU NCC DICT web page.
5. VPN service will be provided with a maximum of 1 Mbps for each user.
6. Opened VPN sessions will end automatically if users stay idle for 30 minutes. Users who want to use the service longer, they should re-login. One concurrent VPN session is allowed per user.
7. To protect the university resources, in appropriate cases (such as security related cases), without prior notice, a user's remote connection / VPN access can be terminated or the service or all user's access is temporarily disabled/terminated.
8. Users can only access METU NCC sources within the METU NCC VPN tunnel. METU NCC VPN allows access to METU NCC resources via the VPN connection but non-METU NCC traffic flows normally on the user's unencrypted Internet connection. Therefore, access to the library electronic resources via METU NCC VPN service is not possible. Off campus METU NCC users should use METU Ankara VPN service for this purpose.
9. Access to the VPN service is possible only via the client software specified at http://netregister.ncc.metu.edu.tr/vpn/client. Users themselves, should take any necessary measures (backup, taking the image of the current state, etc.) against potential problems regarding their device before installing any of this software. METU NCC will not give any support to users in this regard and any risk or consequence will be the responsibility of the user.
1. All the risks arising from use of METU NCC VPN or METU VPN service, are under responsibility of the user. METU NCC Directorate of Information and Communication Technologies is not responsible for any risk or damage caused by the use of the service.
2. METU NCC Directorate of Information and Communication Technologies is not responsible for any risk or damage caused by the interruption of METU NCC VPN or METU VPN connection or outage of the service.
3. METU NCC Directorate of Information and Communication Technologies restricts access to some network services and/or web pages via METU NCC VPN without notice.
How to get connected to VPN service?
The client software, settings and instructions necessary to get connected to the METU NCC VPN service can be found at http://netregister.ncc.metu.edu.tr/vpn.
The client software, settings and instructions necessary to get connected to the METU Ankara VPN service and solve problems (if any) can be found at http://faq.cc.metu.edu.tr/groups/vpn-service.