[As of: May 20, 2025]

Disclaimer: This translation exists for your convenience only. The german original is the only document which is valid for you if you are using our VPN service.

The shared systems group b-it\Computer Science (GSG) offers all members of the Inst. for Computer Science and the b-it privileged and secure access to the institutes network via a VPN gateway. This VPN access can be used, in particular, with mobile devices, e.g., from public wireless networks, or from a private, home-based workstation via the Internet. The access is fundamentally bound to responsible and considerate usage and must be proportionate to the scientific benefit.

1. The following regulations apply to all network accesses via the VPN gateway of the Institute of Computer Science/b-it, regardless of the type of device you are using.
2. Access to other networks via the VPN gateway generally requires acceptance of the applicable regulations.
3. In particular, the rules of the User Agreement for the Institute of Computer Science/b-it, hereinafter referred to as the general User Agreement, apply.
4. Changes to these VPN Terms of Use will be communicated to users via email.

1. All users of the Inst. for Computer Science or the b-it are authorized to use the VPN gateway in accordance with the general User Agreement.
2. Use of the VPN gateway requires a valid user authorization and user ID at the Institute for Computer Science/b-it in accordance with the general terms of use.
3. VPN access can be requested informally via a web interface and is valid for one year or until revoked.
4. VPN access may be blocked by the joint systems group in the event of violations of the applicable terms of use or to avert danger. The user will be notified of this in writing or by email, stating the reasons.

1. Users are obligated to comply with the provisions of these VPN Terms of Use and the applicable operating regulations and to observe notices from the shared systems group.
2. The access authorization may only be used for personal access and may not be made available to third parties. If there is any suspicion that the access authorization has been used by third parties, the systems group must be informed immediately.
3. VPN access may only be obtained via end devices and VPN software that comply with the operating regulations.
4. The user must take all appropriate measures to avoid disruptions to operations. In particular, system programs must be kept up to date with the latest security standards and protective measures must be taken to prevent the spread of malware (e.g., viruses).

1. For the duration of VPN use, the end device is dynamically assigned a network address from the University of Bonn address range and is therefore subject to the operating regulations for the university network. When accessing the university network, the user must ensure that they only use services for which they are authorized/licensed. In case of doubts in that regard, access to these services should be ceased immediately.
2. Third parties may not be granted access to the university network or to services within the university network via this network access.
3. No personal servers or peer-to-peer services may be operated via the VPN connection.
4. Commercial use is prohibited. Any use must be proportionate to the scientific benefit.
5. The use of devices or software that could cause network disruptions or that are used to systematically scan network endpoints is prohibited. If disruptions or attempted attacks are detected, the VPN access of the person responsible will be blocked.
6. The servers and services available via VPN access are limited. The specific restrictions depend on the user ID used and the network from which the connection was established.
7. On the end device, network-side firewall rules can be configured for the duration of VPN use, and the current security status can be checked.

1. To ensure smooth operation, the following data is collected and stored when using the VPN access:
   1. User ID
   2. IP address of the end device and the assigned IP address
   3. Time of connection establishment and termination
   4. Number of bytes received and sent
2. This connection data is deleted after 8 weeks at the latest.
3. The creation of anonymized traffic statistics, which may not contain user IDs, is permitted for operational reasons and for research and teaching purposes.
4. For security purposes, the joint system group responsible for operations may log user data communications and, if necessary, store them for later analysis. The logged data must be deleted immediately once the reason for the data collection no longer applies.

1. Without prejudice to criminal prosecution, the user is liable for any damage caused by him or her through culpable intent or gross negligence resulting from violations of legal regulations and the provisions of these regulations.
2. The usage of the VPN service lies entirely within your own risk.
3. The Institute of Computer Science/b-it assumes no liability for malfunctions of technical equipment or programs, data loss, or incorrect information provided by the shared system group.