Network Access

# Network Overview

NRAO Employees: Network access is for use on NRAO-approved machines only. Complete the and have it authorized by your local computing division head before attempting any connections except "nraoPUBLIC". Please note that VPN is the preferred remote connection technology.

Visitors: May make use of NRAO public wireless networks where available. For RFI restricted areas, contact the Help Desk.

## Network Access Policy

 When connecting to NRAO systems over a public network, such as the Internet or via the NRAO's internal network (the "intranet"), the following requirements apply: The connection must use Virtual Private Networking (VPN) or other software which can encrypt data and passwords in transit. The only permitted exceptions are when a non-NRAO computer cannot be configured to support such software or no approved encryption product is available for the service you need to use; however, these must be approved by an NRAO Computing Division Head prior to use. To ensure compatibility use products which are approved by the NRAO Computing Security Committee and specified in the Acceptable Encryption Policy; examples of these include the secure shell ("ssh"). A list of such products, along with instructions for using them, is published on the NRAO Computing and Network Security Committee web pages.

## Internet Access

Charlottesville, Socorro, and Green Bank have direct access to the Internet. In addition, three of the ten VLBA sites (KP, LA, and MK) have their primary connections via the Internet and PT is connected to Socorro's LAN.

## Network Inter-site Connections

There are connections between the sites that currently do not go through the "commodity" Internet (nor through Internet2 (I2) or other academic high-speed networks).