Hybrid Work Recommendations - Your Network Access

Why use VPN?

Using a Virtual Private Network (VPN) provides a secure connection to the campus network from any location, as long as the device has an internet connection. VPN can be used to access campus resources (e.g., library resources, file servers) or to securely browse the internet. Due to security vulnerabilities, some services currently require VPN for access, including Canvas and MyCUInfo. 

How to download, set up and use VPN

  1. Download: Download the VPN that will work for your device from OIT's VPN service page. Please note: If your computer is managed by DDS, you may already have this software installed. 
  2. Set up: Follow OIT's setup and connect instructions for your device (see documentation column below) to connect to the VPN.
  3. Required setup information: The first time you connect to the Cisco VPN service, enter the following information:
    • Server Address: vpn.colorado.edu
    • Your CU Boulder Credentials: IdentiKey username and password
  4. Using VPN: After initial setup, all you need to do to use VPN is open the Cisco Secure Client application and enter your IdentiKey credentials to connect.
 

Security tips to reduce risk online 

The Office of Information Security has compiled a great resource for how to reduce risk online. Some key things to know include: 

  • Only university-provided computers, including mobile computing devices, should be used to access or handle sensitive university information. If you must use a personal computer, it is recommended that you use remote desktop to connect to your university-provided computer.
  • Secure your home Wi-Fi router by using a strong, unique password, and make sure encryption is enabled.
  • Boost Wi-Fi security with a virtual private network (VPN), especially when using a public wireless network. 
  • Keep software, including antivirus, updated.
  • Enable encryption to keep files and folders unreadable to unauthorized people.

Read the full article and find more security resources on the Office of Information Security website. 

When to use VPN

As a staff member, I need direction on when I need to use VPN so that I can protect my data.

When working remotely, many of the resources and tools to complete your daily work do not require the use of the CU's VPN. A few that do include the following:

Note: Some countries outside the United States filter internet traffic. As a result, access to some CU resources (including VPN) may be restricted. Such restrictions are outside of CU's control and can change frequently. OIT is unable to know which resources may not be accessed from countries outside the United States.

Campus Wireless Options

ServiceAvailable ForFeatures and When To Use ItDoes a user need to connect to the VPN when using this service?
UCB WirelessAll CU Boulder affiliates with an active IdentiKeyUCB Wireless provides access to the network in approximately 90% of all indoor building space on campus and is the network that faculty, staff and students should use, unless they are visiting an eduroam institution.To gain access to a privileged system, a user may need to use a VPN to access those resources.  Most daily work does not need a VPN to work (mail, calendar, Canvas, Teams, Zoom, etc.). A user may wish to protect their data in flight with a VPN since UCB Wireless is considered an unsecure network, meaning unencrypted traffic is viewable by computers on the same wireless channel.
eduroam Secure WirelessVisitors from participating eduroam institutions or for CU Boulder affiliates who are visiting other eduroam institutions.A federated wireless network service available on the CU Boulder campus as well as hundreds of other institutions in the United States and worldwide.To gain access to a privileged system, a user may need to use a VPN to access those resources. Since this network is considered secured, a VPN is not needed to protect traffic in flight.
Guest WirelessAny guest visiting the CU Boulder campus.Wireless access for CU Boulder visitors that doesn't require an IdentiKey. Connections last for 24 hours.All employees with an IdentiKey should avoid using this network, since it is intended for visitors and only allows certain protocols.

Remote Network Connectivity Guidance

Use this guidance to improve home internet connectivity. OIT also has a Home Networking 101 presentation available for download that goes through our recommendations, as well as a recording of the Networking 101 webinar.

Internet Speed Information & Recommendations

Whether you have applied for a federal grant for technology through the CARES Act and are looking for information on how to spend that money appropriately, or you just want to make sure your Internet Service Provider's (ISP) connectivity meets the minimum standard for remote learning success, these recommendations can help point you in the right direction.

Most Common Types of Internet Connectivity Offered in the United States: 

Broadband connections are run over a cable infrastructure (i.e., Coaxial Cable, Optical Fiber, and/or Ethernet).

  • Cable connectivity offered by Comcast/Century Link are very common and offer technical help in setting up the connection. 
  • Speeds range from 25Mbps to 150Mbps for download and 1Mbps to 25Mbps for upload. Generally, this type of connectivity is considered optimal, since speeds of over 25Mbps can offer multiple people in a single residence better than good performance. 

Cellular connections are run over a wireless "cell" infrastructure and are provided by companies like AT&T, T-Mobile and Verizon.

  • Speeds can vary depending on the service you are connected to. These services are upgraded in an evolution, as carriers roll out better speeds over time. The most common is 4G LTE and in some metropolitan areas 5G is being adopted, though speeds are limited to your device's cellular chipset. 
  • Speeds range from 5Mbps to 12Mbps for download and 2Mbps to 5Mbps for upload, but will vary depending on congestion and signal to the nearest cellular tower. 
  • Connecting a wireless-enabled computer to a cellular device (e.g., phone or hotspot) is typically done by creating a wireless network and then connecting that device to the shared SSID or wireless network name. 
  • OIT does not recommend that these types of connections be shared between more than one user at a time. 

Base Recommendations for Your Internet Service Provider (ISP) of Choice: 

  • Because Zoom is the remote learning collaboration tool you will use that is most reliant on a consistent internet connection, your ISP's speed should match Zoom's minimum bandwidth requirements. Zoom's system requirements include at least a 3Mbps connection to take advantage of basic and advanced features.
  • Test your ISP's connection using CU Boulder's speed test site. Make sure to close extra tabs in your browser and quit any unnecessary applications before you click the Start button to begin the speed test. Be sure to test from the computer you plan on using for schoolwork and make sure it is connected to Wi-Fi or a hotspot. Any result in the download gauge showing speeds near or above 3Mbps should be acceptable. 
  • Connectivity doesn't meet the threshold? Contact your ISP and talk with them about what internet options are available.