LAN-to-LAN VPN provides a secure and encrypted network connection for business transactions conducted between users and systems on one LAN to users, systems, and applications located on another LAN.
LAN-to-LAN VPN is a service for State agencies that need secure and encrypted access to business applications located on another network—e.g., a federal agency application or an application on another State agency’s subnet.
LAN-to-LAN VPN service provides agency LAN administrators or security staff the ability to dedicate long-term access to specific restricted services for a group of users—e.g., a business to business Extranet.
LAN-to-LAN VPN Product Features
Secure Business to Business Transactions
Dedicated long-term access for a group of users (or servers) on one LAN to specific restricted services located on another LAN.
Secure Connection
A Virtual Private Network (VPN) between two LANs internal or external to the state Wide Area Network.
Configuration
DTS staff work personally with the LAN Administrator assigned to an agency to configure the LAN-to-LAN VPN to meet specific business requirements.
ASA
Adaptive Security Appliances (ASAs) provide redundant, scalable network devices that perform end-point security for LAN to LAN configurations. DTS operates and maintains the ASAs.
Product Benefits
Security:
Many State agency businesses require access to applications maintained by other organizations located on external networks or subnets. Those organizations often require secure access to their network to reduce risk to their IT resources. LAN-to-LAN VPN configures a secure gateway to those business applications.
Ease of use:
Once the LAN-to-LAN VPN is set up, users don’t have to do anything—the service is transparent.
Business effectiveness:
State agencies can conduct requisite business transactions on other agencies’ or businesses’ secure networks.
Ordering and Provisioning
To order the Remote Access VPN product, please refer to the product request form on the DTS web site.
DTS Responsibilities
- DTS will work with the customer or the LAN Administrator assigned to the customer agency to obtain the parameters required to set up and test the requested LAN-to-LAN VPN.
- DTS will provide instructions for product use.
- DTS will operate and maintain Adaptive Security Appliance (ASA).
- To ensure the security of State information technology resources, DTS may block access to any State network node when trouble-shooting security intrusions.
- DTS will enforce State Information Security, and Appropriate Use policies.
Agency Responsibilities
- The customer will adhere to their Agency’s policies and procedures in submitting orders that have been properly approved.
- The customer agency will submit LAN-to-LAN VPN request to DTS through the DTS website.
- Customer will complete the online request form including: Customer Contact information; IP Addresses; Internet Key Exchanges (IKE) and Internet Protocol Security (IPSEC) information.
- The customer or the LAN Administrator assigned to the customer’s agency will work with DTS Network Operations to provide network parameters required to set up and test the requested LAN-to-LAN VPN.
- The customer or the LAN Administrator assigned to the customer’s agency will support the end-users’ access to the business-related application or network on the far end of the LAN-to-LAN VPN.
- Customers will comply with the State Acceptable Use Policy, the State Information Security Policy.
System Requirements
End nodes must be IPSEC devices.