Restrictions on Connecting Via Remote Desktop Protocol (RDP) from Off-Campus

Over the past few months, the campus has seen a marked increase in attacks from off-campus computers using Remote Desktop Protocol (RDP). Additionally, two vendors have issued security advisories for their products that, like RDP, involve connecting to the university network from remote computers. First, Symantec advised users of its pcAnywhere software to cease using several versions due to a source code compromise. Second, Hewlett-Packard issued a warning regarding networked printing for several of its networked printer models. To address these threats and weaknesses, the university will begin to limit access to these services for remote computers connecting to the campus network, including computers connecting to the campus over a virtual private network (VPN).

Beginning March 30th, technical controls will be deployed at the campus network border that will block connections to the campus from remote computers attempting to connect using RDP and/or attempting to print to on-campus networked printers. After that time, individuals wishing to use these services from off campus will be required first to connect to the campus network via VPN. A VPN is a network that uses a network, such as that provided by your home ISP, to give remote computer users secure access to their organization’s network. There is only one type of VPN client software available here on campus, which is Cisco AnyConnect SSL (Secure Socket Layer) client.

Most campus computers already have this restriction in place due to the way the computers are configured. The upcoming change will be new for individuals that use computers not currently configured in this manner.

Note that the SSL client is useful if you need VPN access unexpectedly or temporarily.

More information is available at the following links: