Remote Access Guidance


Technology Guide for Remote Working

Below are tips, tricks and “how‐tos” to aid our users when leveraging technology to work remotely.

General Computer Use Guidelines
  • Users should ensure their home computer systems are all up to date.
  • Follow the user guides for accessing network resources from your Windows and MacOS devices.
  • Utilize Skype as a means of communication with other employees.
  • Remember to lock your desktop before walking away from your machine, even from home.
  • Document printing at home is not authorized, and violates company policy.
  • The Acceptable Use policy still applies while working remotely.
General Telephone Use Guidelines
  • Call forwarding is available, send an email to telephonesupport@nv.doe.gov for assistance.
  • Follow the user guides for call forwarding from your office phone to an alternative number.
  • Employees should update their email signatures to include a telephone number they can be reached at.
  • For improved mobile phone reception, you can use Wi‐Fi Calling provided by your phone carrier.
Service Desk

The IT Service Desk is your “one‐stop‐shop” for all IT-related issues. Although we can be reached at 702-295‐1800, we can be even more responsive if you complete an Incident or Service Request on our online ServiceNow portal, where you can also “chat” with us for help.

Skype

Skype is our MSTS tool used for chat, and will help facilitate communications for employees on‐site, at remote sites, and working from home. If you know someone’s email address at another NNSA site, you should be able to engage in a chat session with them. Skype visually captures presence information. This means you can quickly see whether someone is "Available," "Busy," or away from their work station. Skype is a powerful and effective tool for immediate, real‐time conversations that can be used in many ways:

  • One‐on‐one chat
  • Multiple one‐on‐one chats (multi‐tasking)
  • Group chats

Things you can do in a chat session beyond just chat:

  • Add someone to a chat session
  • Share your desktop
  • Let someone else share their desktop
  • Send a file to all participants in the chat

Getting the most out of Skype:

  • Add individuals into Groups you create to quickly see availability
  • Create Groups for the individuals you communicate with most frequently
  • Add “Skype Meeting” to your meetings where someone will or may be remote so they can join easily and see your shared desktop for material being presented
  • Add a conference call‐in number for your meetings

Webex

Webex is a tool provided to MSTS employees to collaborate with vendors or contacts outside of the NNSS. Similar to Skype, you can utilize Webex to share your screens for a meeting in conjunction with an audio call. To obtain a Webex account, simply submit a SAR.

Information Technology and Cyber – FAQs

How do I log in in from home?
Follow the instructions available on the corresponding tabs on this webpage.

What if I don’t have a government-issued laptop or device?
You may use your personally owned equipment to connect to your VDI. This is not permitted with the FortiClient VPN.

How do I get a computer or cellphone for home use?
Discuss your needs with your immediate manager. IT will disposition all requests in alignment with approved response plans. Employees are urged to use their personal equipment to perform job functions.

How do I turn my government-issued iPhone into a hot spot?
Instructions can be found here: https://support.apple.com/en‐us/HT204023.

Can I connect my Government Furnished Equipment (GFE) into a personal monitor or screens?
Yes.

Can I use my own mouse and keyboard with GFE?
You may use your own mouse (wired or wireless) and you may use your own wired keyboard. The use of wireless keyboards is not allowed .

How do I get a conference bridge line?
Call the Service Desk at (702) 295‐1800 or send an email to conferencebridge@nv.doe.gov.

How do I get my password unlocked?
Call the Service Desk at (702) 295‐1800.

How do I print from home?
You cannot print from home. This is considered a violation of company policy.

Can I “tether” my iPhone to my GFE for Wi-Fi?
No. Simply use your government-issued cellphone as a mobile hot spot.

Can I use my Wi‐Fi at my house?
Yes, you may connect government-issued computers to your home Wi-Fi, personal cellular hot spot or government-issued cellphone hot spot. We are temporarily allowing individuals to use their government-issued cellphones as hot spots. Employees should not connect personally owned equipment to the government-owned iPhone hot spot. We are also temporarily allowing individuals to use their government issued air cards with their personal laptops. If you do not have a government-issued cellphone, discuss your need with your immediate manager, and submit a request in Service Now as appropriate.

What about sensitive information (e.g., PII, PHI, OUO, UCNI, Company Private)?
You must still enforce need-to-know requirements for anyone you discuss or share sensitive information with. This includes anyone near you while you are working remote. Entrust must still be used when sending emails that contain sensitive information. You can chat, screen share, and collaborate on sensitive documents via Skype. Printing of any documents while working remote is NOT authorized. You may NOT discuss UCNI information over ANY unclassified phone line. You may discuss PII, PHI, OUO, or Company Private information on the phone provided you have verified that everyone on the call has a valid need-to-know.

Can I use FaceTime on my company issued iPhone or iPad?
We are temporarily allowing employees to use FaceTime on their company issued devices with the following restrictions:
  • Only approved for use while off site.
  • Only approved for use when the conversation will NOT involve CUI (OUO, PII, PHI, UCNI, etc.).
  • The FaceTime session is NOT recorded in any capacity (audio or video).

Can I use my personal computer to perform work functions?
You may use your personal computer in order to remote in via Horizon View Client.
You may not perform any work functions directly on your home computer.

Personal computers are NOT authorized for any other official business. Company documents cannot be worked on (reviewed, revised, edited, drafted, etc.) on personal computers unless the documents have first been approved for Public Release by the Classification Office. Printing at home is NOT authorized.

Can I take UCNI and/or OUO to my remote work location?
Yes, you may take it to your remote work location by following these simple rules:
  1. Place the information in an opaque envelope marked with your name and the worlds “TO BE OPENED BY ADDRESSEE ONLY.”
  2. Transport the information in your vehicle and go directly to where you are remotely working. Do not share the information with non-employees or employees who do not have the need to know.
  3. Secure the information at the end of the work day by locking it in a cabinet or brief case where it cannot be accessed by non-employees or employees who do not have the need to know.

Telephone Information


Telephone Guidance
  • Call forwarding is available. Send an email to telephonesupport@nv.doe.gov for assistance.
  • Follow the user guides for call forwarding from your office phone to an alternate number.
  • Employees should update their email signatures to include a telephone number they can be reached at.
  • For improved mobile phone reception, you can use Wi‐Fi Calling provided by your phone carrier.

Please remember that our telephone system is receiving an extremely high number of calls. To alleviate issues with the phone system, we recommend that when you receive an inbound call to a phone you have forwarded, ask the caller if they tried to reach you using your desk number. If so, please let the caller know that you will call them back directly from your alternate number. This will prevent overloading the capacity of the system and causing busy lines for others.

Conference Bridges
  • The Avaya bridge line (5-3344) is available; however, we are currently experiencing high demand and callers may get a busy signal. Additional attempts to call in have proven successful for most employees.
  • Employees may request a WebEx account by emailing conferencebridge@nv.doe.gov. Instructions for WebEx are available here.
  • IT reminds employees to exercise good conference-call etiquette and to mute your phone when you are not speaking.
Hot Spot and Air Cards
  • Employees are approved to use company iPhones as hot spots with their company issued laptops. Do not connect your personally owned computer to the hot spot on your company issued iPhone.
  • Employees are approved to use their company issued air cards with a personal or company issued device.
  • FaceTime is permitted on company issued iPhones as long as the following conditions are met:
    • Only approved for use while off site.
    • Do NOT use them if the conversation will include CUI (OUO, PII, PHI, UCNI, etc.).
    • Do NOT record the FaceTime session in any capacity (audio or video).
WebEx Call-in Numbers
United States Toll (Chicago) +1-312-535-8110
United States Toll (Dallas) +1-469-210-7159
United States Toll (Denver) +1-720-650-7664
United States Toll (Jacksonville) +1-904-900-2303
United States Toll (Los Angeles) +1-213-306-3065
United States Toll (New York City) +1-646-992-2010
United States Toll (Seattle) +1-206-207-1700
United States Toll (Washington D.C.) +1-202-860-2110
United States of America -Toll (Phoenix) +1-602-666-0783

VDI Desktop via VMware Horizon Client - Windows:


STAGE 1 - VMware Horizon Client Setup

Downloading

  1. Click on the green Download button provided to the right -->
  2. Save the file to your computer.

Installation

  1. After the download has been saved to your computer, double-click the file to begin installation.
  2. Click on the Agree & Install button to proceed with installation.
  3. Wait for the installation to show a "Success!" screen.
  4. Click Finish to complete the installation.

Configuration

  1. Double-click on the VMware Horizon Client icon from the desktop.
  2. After launching the application, double-click on New Server.
  3. Follow the instructions below for logging on with your Smart Badge OR RSA token.

STAGE 2

IF USING SMART BADGE PIV Badge

  1. Type in vdi.nnss.gov.
  2. Insert your company issued HSPD-12 or LSSO Smart Badge into your company issued Smart Badge Reader.
  3. Click Connect.
  4. Click Accept. There may be mutiple choices of certificates.
    • For PIV (HSPD), select the certificate labeled with your name (affiliate).
    • For CIV (other), select the certificate that has your name.
  5. Click OK.
  6. You will be presented with a prompt for the PIN associated with your badge. Enter your credentials and click Login.

IF USING YOUR RSA TOKEN RSA SecureID

  1. Type in connect.nv.doe.gov.
  2. Click Connect.
  3. Click Accept and you will be prompted for your network username and RSA Passcode (8 Digit Pin + RSA token (Key Fob)). After this is entered, click Login.
  4. You will be presented with a prompt for your userame and password. Enter your credentials and click Login.

VDI Desktop via VMware Horizon Client - MacOS:


STAGE 1 - VMware Horizon Client Setup

Downloading

  1. Click on the green Download button provided -->
  2. Save the file to your computer.

Installation

  1. Double-click the file to begin installation. Note: This should be located in your "downloads" folder.
  2. Click the Agree button.
  3. Click and drag the "VMware Horizon Client" icon to the "Applications" folder.
    Note: If you already have an older version of this application installed, you may receive additional messages.
    Click Replace to ensure you are on the latest VMware Horizon Client.

Configuration

  1. Double-click on the VMware Horizon Client icon from the desktop.
  2. After launching the application, double-click on New Server.

STAGE 2

USING YOUR RSA DEVICE RSA SecureID

  1. After selecting New Server above, type in connect.nv.doe.gov.
  2. Click Connect.
  3. Click Accept and you will be prompted for your network username and RSA Passcode (8 Digit Pin + RSA token (Key Fob)). After this is entered, click Login.
  4. You will be presented with a prompt for your userame and password. Enter your credentials and click Login.

Government-issued Laptop Network Access Instructions:


Ensure FortiClient is Installed

  • Right click the Start button, which is similar to the following icon: Start Icon
  • Open "Program and Features" to check if FortiClient is installed.
    • NOTE: The FortiClient software download is only available in Software Center while logged on to the network.
  • If FortiClient is not installed, proceed to download steps below.
  • If FortiClient is installed, Run/Launch the FortiClient Application.
  • Log in with your Username and Passcode (FortiClient will say 'Password' but in this case, it means 'Passcode').
  • If prompted for an Address, type in remote.nnss.gov.

Download FortiClient from Software Center

  • Click the Start button, which is similar to the following icon: Start Icon
  • Type "Software Center" into the search box and then click Software Center.
    Software Center Image
  • In the Software Center window, search FortiClient in the top-right search field.
  • Click the Forticlient Icon, and select Install.
  • Run/Launch the FortiClient application after installation.
  • Log in with your Username and Passcode (FortiClient will say 'Password' but in this case, it means 'Passcode').
  • If prompted for an Address, type in remote.nnss.gov.

VDI Desktop via HTML Access:


Connect using your HSPD-12 or LSSO Smart Badge (PIV) PIV Badge

  • NOTE: This option is only available with Edge or Internet Explorer 11 (IE11) browsers.
  • Navigate to https://vdi.nnss.gov.
  • Select VMware Horizon HTML Access.
  • Accept the agreement.
  • Enter your Username and PIN (6–8 Digits).
  • Select your desktop or general purpose from the choices displayed.

VDI and Remote Desktop Connection:


***Find the hostname of the physical system you wish to access before working remotely!

  1. Click the Start button, which is similar to the following icon: Start Icon
  2. Launch Search, type in cmd and then click Command Prompt.
  3. Type hostname and press Enter/Return key.
  4. The Computer Name will be displayed.

ENSURE THE PHYSICAL WORKSTATION IS POWERED ON BEFORE YOU LEAVE THE OFFICE.

Once connected to a VDI from a remote location, open Remote Desktop Connection.

  1. Click the Start button, which is similar to the following icon: Start Icon
  2. Launch Search, type in Remote Desktop Connection and then click on Remote Desktop Connection.
  3. Expand Show Options, and type in your Computer Name in the Computer field.
  4. Type in your Username if not shown in the Username field.
  5. Click OK, and then enter your Windows Password.
  6. Click OK.