Skip to main content Start main content

Security uplift for remote connection to dept research servers from outside campus

In an effort to bolster security measures for remote access to department research servers hosted on the University Data Center, we will be enabling the remote device profile check feature on Research VPN service for all new and existing Research VPN users, starting from 5 April 2024.

What is remote device profile check or Host Information Profile Check?

Host Information Profile Check (HIP check) is a feature of VPN security software enforcing security policies based on the information of the remote client device profile status. The remote client device information checked includes anti-virus status, system versions, patch information, and whether a host-based firewall is enabled, among other things.

 

Research VPN 01

 

What changes will be implemented from 5 April 2024?

To protect department research servers from malicious code attacks originating from compromised remote access devices, effective from 5 April 2024, users’ attempts to establish Research VPN connection back to the campus will be blocked, if the remote client devices fail the HIP check.

The HIP check will verify whether an anti-virus software with virus definition files updated within the last 7 days is installed and running in 'real-time protection' mode. If the results are positive, the secure VPN software will establish the Research VPN connection. If not, attempts to establish a remote connection to the department’s research servers via VPN will be blocked.

 

What security protection is required for remote devices used by Research VPN users?

All existing and new Research VPN users were notified about the caption change on 11 March 2024. A transition period has been offered from 11 March to 5 April to allow users to take mitigating actions on their remote devices. The research VPN service will still honor the connection request during this transition period, even if HIP check fails.

 

Research VPN 02

Researchers and students should make sure that the remote client devices they are using are running on supported operating system versions and have up-to-date anti-virus software installed. The table below outlines the supported operating system versions and recommended anti-virus software:

Operating System   Anti-virus Software*
 Windows
(Windows 10 64-bit or later)
  1. Windows Defender (recommended; Windows built-in anti-virus software)
  2. AVG
  3. Avast
  4. Avira
 Mac
(macOS 10.13 or later)
  1. AVG
  2. Avast

* Note:

  1. The anti-virus software listed above is provided as a suggestion. These anti-virus software options have been tested and proven to be accepted by the HIP check. For other anti-virus software of your own choices, you may need to perform a trial to ensure compatibility.
  2. Please ensure that the anti-virus software being installed is properly licensed and is suitable for devices used for University research work, particularly when using its free or trial versions. Please read the End User License Agreement of the chosen anti-virus software carefully for specific details regarding its terms of use.

How can Research VPN users confirm that their devices have passed the HIP check?

If your device has successfully passed the HIP check, a notification message stating "PASSED" will be displayed, as shown below:

Research VPN 03

 

If your device cannot pass the HIP check, the "FAILED" notification message will be displayed, as shown below:

Research VPN 04

 

Should you need further assistance, please contact the ITS Help Centre (Tel: 2766 5900, WhatsApp/ WeChat: 6577 9669) or reach out to us via the IT Online ServiceDesk.

 

 

Your browser is not the latest version. If you continue to browse our website, Some pages may not function properly.

You are recommended to upgrade to a newer version or switch to a different browser. A list of the web browsers that we support can be found here