{"id":19436,"date":"2024-06-03T12:00:56","date_gmt":"2024-06-03T10:00:56","guid":{"rendered":"https:\/\/blog.rwth-aachen.de\/itc\/?p=19436"},"modified":"2024-06-07T10:30:42","modified_gmt":"2024-06-07T08:30:42","slug":"sicherer-zugriff-auf-das-instituts-vpn-an-der-rwth-aachen","status":"publish","type":"post","link":"https:\/\/blog.rwth-aachen.de\/itc\/en\/2024\/06\/03\/sicherer-zugriff-auf-das-instituts-vpn-an-der-rwth-aachen\/","title":{"rendered":"Secure Access to the Institute VPN at RWTH Aachen University"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_19436 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_19436')){$('.twoclick_social_bookmarks_post_19436').socialSharePrivacy({\"txt_help\":\"Wenn Sie diese Felder durch einen Klick aktivieren, werden Informationen an Facebook, Twitter, Flattr, Xing, t3n, LinkedIn, Pinterest oder Google eventuell ins Ausland \\u00fcbertragen und unter Umst\\u00e4nden auch dort gespeichert. N\\u00e4heres erfahren Sie durch einen Klick auf das <em>i<\\\/em>.\",\"settings_perma\":\"Dauerhaft aktivieren und Daten\\u00fcber-tragung zustimmen:\",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/blog.rwth-aachen.de\\\/itc\\\/en\\\/2024\\\/06\\\/03\\\/sicherer-zugriff-auf-das-instituts-vpn-an-der-rwth-aachen\\\/\",\"post_id\":19436,\"post_title_referrer_track\":\"Secure+Access+to+the+Institute+VPN+at+RWTH+Aachen+University\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p><div id=\"attachment_19459\" style=\"width: 310px\" class=\"wp-caption alignright\"><a href=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-scaled.jpeg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-19459\" class=\"wp-image-19459 size-medium\" src=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-300x200.jpeg\" alt=\"Cables\" width=\"300\" height=\"200\" srcset=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-300x200.jpeg 300w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-1024x683.jpeg 1024w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-768x512.jpeg 768w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-1536x1024.jpeg 1536w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2024\/06\/Zentrales-Instituts-VPN-Blog-2024-03-28-2-2048x1365.jpeg 2048w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-19459\" class=\"wp-caption-text\">Source: Own illustration<\/p><\/div><\/p>\n<p>In order to be able to access the RWTH network from anywhere in a secure, encrypted way, the academic institutions of RWTH Aachen University can provide a VPN instance to a restricted group of people if required. This allows users to securely access their resources at their institution. As part of the<a href=\"https:\/\/blog.rwth-aachen.de\/itc\/en\/2024\/01\/24\/einfuehrung-vpn-mfa\/\"> introduction of multi-factor authentication<\/a> at RWTH, the security requirements for these VPN instances have increased.<\/p>\n<p>There are various options for managing and enabling VPN access, which we would like to introduce to you in the following blog post.<\/p>\n<p><!--more--><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"color: #00549f;\">Institute VPN on Dedicated Hardware<\/span><\/h3>\n<p>This variant requires dedicated hardware, i.e. hardware that is configured exclusively for the secure VPN access of a specific institution. This must be procured by the institution itself via the IT Center. A consultation is held with the IT Center to determine which device is suitable for the respective institution.<\/p>\n<p>After the initial configuration of the physical VPN device by the IT Center, the administrators of the institution manage access to the VPNs themselves. If required, they can enable access to the VPN instance for staff and students at their institution. In addition, they can regulate access to resources within the institute via firewalls or dedicated VPN groups.<\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"color: #00549f;\">Institute VPN on Centralized IT Center Hardware<\/span><\/h3>\n<p>Another option is to operate the institute VPN on centralized IT Center hardware. Unlike the first variant, no physical device is installed at the institution at this point. In order to be able to use these VPN instances, the IT Center provides a virtual and significantly more efficient instance on redundant hardware in relation to the size of the shared use. With the redundant hardware, there are several hardware components that can take over in the event of a failure to increase availability and reliability.<\/p>\n<p>The virtual instances are isolated from each other. This means that each virtual instance operates in a separate, independent environment. This isolation ensures that one instance has no impact on another and thus guarantees a high level of security. VPN users are only shown the relevant context when they dial in. This gives them access to the specific resources and information that are relevant and authorized for them. This makes operation just as easy as when dialing into a VPN device running on dedicated hardware.<\/p>\n<p>Extended security measures or a site-2-site configuration, which establishes an encrypted tunnel connection between different locations (e.g. institute in the RWTH network and branch offices), are no longer possible for technical reasons.<\/p>\n<p>&nbsp;<\/p>\n<p>If you need consultation on the central instance or all other VPNs or simply have questions, you can contact the IT Service Desk (<a href=\"mailto:servicedesk@itc.rwth-aachen.de\">servicedesk@itc.rwth-aachen.de<\/a>).<\/p>\n<p>Further information on the VPN modules can be found on <a href=\"https:\/\/help.itc.rwth-aachen.de\/en\/service\/vbf6fx0gom76\/article\/b03171bffec249af9a062cbbdc58b34a\/\">IT Center Help<\/a>.<\/p>\n<hr \/>\n<p>Responsible for the content of this article are <a href=\"https:\/\/www.itc.rwth-aachen.de\/cms\/it-center\/it-center\/profil\/team\/~epvp\/mitarbeiter-campus-\/?gguid=PER-A5ZE3KS&amp;allou=1&amp;lidx=1\">Corinna Hausberg<\/a> and <a href=\"https:\/\/www.itc.rwth-aachen.de\/cms\/it-center\/it-center\/profil\/team\/~epvp\/mitarbeiter-campus-\/?gguid=PER-EB7A3US&amp;allou=1&amp;lidx=1\">Benedikt Paffen<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Sorry, this entry is only available in Deutsch.<\/p>\n","protected":false},"author":6019,"featured_media":19455,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"c2c_always_allow_admin_comments":false,"footnotes":""},"categories":[314,315],"tags":[1153,61,1152,1151,57],"class_list":["post-19436","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-sicherheit","category-services-support","tag-instituts-vpn","tag-it-sicherheit","tag-rwth-netz","tag-rwth-vpn","tag-vpn"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/19436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/users\/6019"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/comments?post=19436"}],"version-history":[{"count":11,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/19436\/revisions"}],"predecessor-version":[{"id":19461,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/19436\/revisions\/19461"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/media\/19455"}],"wp:attachment":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/media?parent=19436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/categories?post=19436"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/tags?post=19436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}