General

1. What is SSL VPN?
   SSL (Secure Socket Layer) VPN (Virtual Private Network) provides a "private" Web-based connection between two networks (e.g., between a campus department network and an external network) and encrypts the communications that pass between the two networks.
2. How would my department benefit from using SSL VPN?
   
   • SSL VPN provides faculty, staff and students working anywhere with an Internet connection with secure access to departmental network resources
   • Departmental systems administrators control account configuration and access to departmental computing resources
   • SSL VPN Authentication can use UC Davis Central Authentication Service (CAS) - no maintenance of separate usernames or passwords
   • SSL VPN is scalable and its configuration is customized to meet your department's organizational and operational demands
   • SSL VPN does not require a hardware capital investment by your department
   • SSL VPN is a robust solution and support services include fault tolerance, load sharing and fail-over protection
3. Can anyone in my department use SSL VPN?
   Yes. Anyone with an Internet connection and authorization to access a department's network resources can use a department SSL VPN. Departments running SSL VPN determine who is authorized to use the service.
4. Who do I contact if I have questions about my departmental SSL VPN service?
   Contact the IT Express Computing Services Help Desk at 530-754-4357.

ATR

1. Can additional licenses be ordered at any time?
   Yes. You can order additional licenses at any time by filling out a service request form on CR Web site. An SSL VPN reconfiguration fee will be charged for adding licenses to your department's SSL VPN configuration.
2. Are we required to order a minimum number of licenses? Is there a maximum?
   Yes. You are required to order a minimum of 15 licenses. There is no maximum when you order licenses.
3. How will SSL VPN services be billed?
   Charges for SSL VPN will appear on your department's Telecommunications Monthly Billing Statement, which is available for download by ATRs online through CR's e-Bill Web site.

Technical

1. Does VPN require a high speed Internet connection?
   High speed Internet access, such as a cable modem or DSL, is recommended.
2. Do users have to install a client on their systems to use SSL VPN?
   No. SSL VPN only requires a supported Web browser.
3. What Web browsers are supported?
   Browsers supported by UC Davis can be found HERE.
4. What do users see if the number of people attempting to use the VPN exceeds the number of licenses we hold?
   There is a 5% threshold built into the SSL VPN. This means that if there your department subscribes to 50 licenses, the 51st and 52nd concurrent users will get in with a warning message telling them that the number of licenses has been exceeded; the 53rd user receives a message that their access is denied due to insufficient licenses. These messages can be modified by the department SSL VPN administrator.
5. Does CR configure the SSL VPN for the department?
   CR will set up the initial login name and password for the department system administrator. The department system administrator is responsible for their department's detailed configuration.
6. I have a firewall. Will VPN still work?
   Yes, but the firewall must be reconfigured to allow the SSL VPN traffic through.
7. Is SSL VPN compliant with all UC Davis Cyber-Safety requirements?
   Yes.
8. What authentication protocol(s) can I use with the VPN service?
   SSL VPN service can support a variety of departmental authentication systems such NT Primary Domain Controller (PDC), Active Directory using NTLM or Kerberos authentication. SSL VPN service can also use the UC Davis Centralized Authentication Service (CAS).
9. Can I define user roles to manage access to department resources?
   Yes. You can create user roles and role mapping rules to limit or allow access to department resources.
10. How will I be notified of service outages or status changes? Upgrades/service changes?
    In the event that there is a campus network problem affecting the client department's connection or an upgrade/service change is necessary, the departmental NAR will be notified via email to the technotices@ucdavis.edu listserv. The departmental NAR will not be contacted directly.
11. Who do I contact if I have questions about my departmental SSL VPN service?
    Contact the IT Express Computing Services Help Desk at 530-754-4357.