University IT
Network Access Control (SUNAC)
Important information for Workgroup Manager Administrators
Access to firewall documentation and to firewalled systems via SUNAC is granted through Workgroup Manager. Workgroup administrators are responsible for keeping workgroups up-to-date, making sure to include only those staff who need access to the protected data. Workgroup administrators should remove staff from the appropriate workgroups upon termination of service from the University, when staff relocate to other positions, or when access is no longer required in order to perform a job.
The Stanford University Network Access Control (SUNAC) service enables restricting University firewalled network resources to specific SUNet ID(s) within a workgroup. For individuals working remotely, this is a more secure method to access firewalled resources that should not be reachable by the general University population.
Features
The SUNAC service allows LNAs or application owners to further restrict remote access to academic or administrative resources located behind University IT-managed Firewall Service. Using Workgroup Manager, access can be limited to specific faculty, staff, or students with a SUNet ID.
SUNAC is available to any academic or administrative group using the University IT-managed firewall service. This includes planning, implementation, and all on-going support costs. SUNAC enabled firewall rules will be reflected in the corresponding firewall documentation pages.
Designed for
Current faculty, staff, and students; schools and departments
Requirements
- Departmental resources must be located behind a University IT-managed firewall.
- End users need a SUNet ID and password.
- End users must be members of a workgroup that has been granted access to the protected resources.
- End users can access SUNAC-protected resources:
- While connected to Stanford's remote access VPN*.
- While on campus, connect to the eduroam Wi-Fi network from a device registered in NetDB.
* When connecting via Stanford VPN internationally, please note that local governments may impose technical restrictions and/or temporarily disable or disrupt connectivity due to various factors outside of the control of Stanford University.
Data security
May be used to transmit Low, Moderate, and High-Risk Data, as defined by the Information Security Office.
Rates
Free of charge
Get started
- Administrators or departmental LNAs wishing to secure their data assets with SUNAC should submit Firewall Service Requests to add workgroups and apply those workgroups to existing firewall policies or create new policies to include workgroup restrictions. Network engineers can assist with crafting rules to ensure that your information is made available to only those who need it.
- See Using SUNAC (Stanford Network Access Control) to learn how to log in to the service.
Get help
- End users who are unable to access resources should contact their LNA to ensure they have been granted the correct privileges.
- All network systems are monitored 24/7 for performance and component failures. Networking personnel are alerted to failures and will respond to alerts.
- Normal business hours are Monday through Friday, from 8 a.m. to 5 p.m. No after-hours support is available for the SUNAC service, other than support required to ensure the functionality of the firewalls and associated University IT network devices.
- Scheduled maintenance windows are Thursday, 4–6 a.m.; Saturday, 5–8 a.m.; and Sunday, 5–8 a.m.
