Overview
The Privileged Access VPN service lets you establish a secure network connection over the Internet from your computer/mobile device to a Security Gateway that provides privileged access to restricted UNSW resources. It is a tool that provides privileged access to UNSW resources where there is a need for additional cyber security access controls. These controls could include ensuring that access is restricted to a particular group within UNSW, or that the resource is being accessed from a trusted device.
Examples of applications or systems that may require access via the Privileged Access VPN are listed below:
• Systems that are critical to UNSW's safety and security
• Research systems that are subject to regulatory controls, or include sensitive personal data
• Medical systems that contain patient medical data
• Finance applications that contain banking or credit card details
• Applications that contain staff and student HR data
The list of applications and systems accessible via the Privileged Access VPN service will grow as the some of the group-based access from the Legacy Remote Access VPN is migrated to the new Privileged Access VPN service, and as additional applications and systems get onboarded. Please note that most administrator access to UNSW resources has not yet been migrated to the Privileged Access VPN service. Most system and application administrators should continue to use the "IT Admin VPN" or the "Hosting VPN" services, that are managed by Cyber Security Operations team within UNSW IT.
The Privileged Access VPN service is implemented using Global Protect and Prisma Access technology from Palo Alto Networks. It partially replaces the Cisco AnyConnect technology used in the Legacy Remote Access VPN service, which has been deprecated and will be decommissioned in late 2024.
The Privileged Access VPN service is available to only those UNSW staff and students that require it for their work. UNSW staff and students that are working remotely and require access to UNSW resources that don't require privileged access are encouraged to use the Remote Access VPN service instead.