Palo Alto GlobalProtect (VPN)

What it is and why it may be needed:

If you are outside of a Stony Brook Medicine (SBM) building or are on SBM-Employees or WolfieNet-Secure WiFi and need access to SBM internal resources (files, websites, servers, desktop), then it is recommended to use Citrix VDI (for faculty/staff) or SecureLink (for vendors). However, if there is a valid reason that these recommended methods do not provide the needed remote access for specific applications or scenarios, then the alternative is to use the SBM GlobalProtect VPN. The GlobalProtect VPN is a client that is installed on your computer that will provide encrypted access to the SBM campus and select resources. The GlobalProtect VPN is available to faculty/staff and to support vendors under select conditions.

If you need GlobalProtect access, then you must already have a UHMC AD account. You must then apply for and be approved for this access using the link below before continuing:

 

Minimum Requirements:

In order to use the GlobalProtect VPN, there are several user and system requirements. Please make sure these are in place before attempting to configure.

1) You must have a valid UHMC Active Directory account. (If not, have your sponsor submit a request.)

2) Your UHMC account must have been granted access to use Global Protect VPN. (If not, have your sponsor submit a request.)

3) You must have already set up Microsoft Multi-Factor Authentication (MFA). If you have not, please follow the MFA Setup Instructions.

4) Make sure your computer complies with the requirements below since they will be checked:

    • Operating System:  Windows 10 or above, macOS 12 or above.
    • You must have admin rights to your computer to complete the installation.
    • You must have required Anti-Malware Application installed, updated and in real-time protection mode from one of the vendors below:
      • Palo Alto, Avast, Bitdefender, CarbonBlack, Cisco, Crowdstrike, Cybereason, Cylance, Fortinet, Malwarebytes, McAfee, Microsoft, Norton, Sophos, SentinelOne, Symantec, Trend Micro, Webroot.
    • Computer must be up-to-date with latest operating system patches.
    • Computer must have its firewall enabled.

 

Important Note:

When connected to the SBM VPN, all traffic (including Internet) will be sent to SBM for connectivity. This traffic is logged and subject to web-filtering rules just as if you were onsite. Please be mindful of this and disconnect when needing to access non-SBM resources.

 

Instructions:

If you have confirmed all system requirements and agree with the terms, continue to the GlobalProtect VPN Instructions and select the appropriate operating system.

 

If you have any questions, please contact the Stony Brook Medicine Help Desk at (631) 444-HELP.