Skip to content Skip to site navigation

Network Access Control (SUNAC)

Important information for Workgroup Manager Administrators

Access to firewall documentation and to firewalled systems via SUNAC is granted through Workgroup Manager.  Workgroup administrators are responsible for keeping workgroups up-to-date, making sure to include only those staff who need access to the protected data. Workgroup administrators should remove staff from the appropriate workgroups upon termination of service from the University, when staff relocate to other positions, or when access is no longer required in order to perform a job.


The Stanford University Network Access Control (SUNAC) service enables restricting University firewalled network resources to specific SUNet ID(s) within a workgroup. For individuals working remotely, this is a more secure method to access firewalled resources that should not be reachable by the general University population.

The SUNAC service allows LNAs or application owners to further restrict remote access to academic or administrative resources located behind University IT-managed firewalls. Using Workgroup Manager, access can be limited to specific faculty, staff, or students with a SUNet ID.

SUNAC is available to any academic or administrative group using the University IT-managed firewall service. This includes planning, implementation, and all on-going support costs.  SUNAC enabled firewall rules will be reflected in the corresponding  firewall documentation pages.

Get started

Administrators or departmental LNAs wishing to secure their data assets with SUNAC should submit a Firewall Rule Request including the existing firewall rule(s) and the workgroup to which the rule will be restricted. Network engineers can assist with crafting rules to ensure that your information is made available to only those who need it.

End users can use their existing VPN client to access resources through SUNAC.  End users who are unable to access resources should contact their LNA to ensure they have been granted the correct privileges.

See Using SUNAC (Stanford Network Access Control) to learn how to log in to the service.

Learn more

Last modified November 14, 2018