Frequently Asked Questions about GlobalProtect VPN

What’s Happening?

As part of BCIT’s ongoing efforts to modernize its technical infrastructure, both myVPN (used by students and employees) and AccessAnywhere (used by employees) will be replaced with GlobalProtect VPN.

VPN stands for Virtual Private Network. It extends a private network (like BCIT’s campus network) across a public network (like the internet), allowing secure access from remote locations such as your home, a café, or other Wi-Fi networks. A VPN improves authentication and security for off-campus connections.

Yes, BCIT requires Multi-Factor Authentication (MFA) when connecting to the GlobalProtect VPN. Similarly to the normal BCIT login process.

MFA is now enforced at BCIT – MFA helps protect your account and BCIT’s network by adding an extra layer of security. Even if your password is compromised, unauthorized users won’t be able to access the VPN without your multi-factor authentication.

To learn more about MFA at BCIT, please refer to the articles for Faculty & Staff and Students.

The main difference between GlobalProtect VPN and the older myVPN or AccessAnywhere services is that GlobalProtect includes Multi-Factor Authentication (MFA) and an updated login process. This new process aligns the VPN login with the rest of the BCIT login experience, making it consistent with how students, faculty, and staff access other BCIT systems.

For contractors and staff who currently use AccessAnywhere for specialized support or management, the most significant change will be the updated login process, since AccessAnywhere uses a different authentication method. For more details on what this means for contractors, see the “Contractor and Specialty Access” section of this article.

Reference Login Process:

Standard BCIT Login Page:

Staff MFA Prompt (similar to Student MFA):

What does this mean for me?

Once GlobalProtect becomes available, myVPN and AccessAnywhere will no longer work. Faculty, staff, students, and contractors will need to uninstall myVPN, remove the AccessAnywhere configuration, and switch to GlobalProtect. Step-by-step instructions will be provided closer to the release date.

For BCIT Managed devices, myVPN will be automatically uninstalled and GlobalProtect VPN will be installed.

For Bring Your Own Devices (BYOD/Personal), users will need to manually uninstall myVPN and install GlobalProtect VPN.

For instructions on how to install and connect please refer to the article: Installing and Connecting to GlobalProtect VPN

For Faculty, Staff, Students and Contractors GlobalProtect will require Multi-factor authentication (MFA). This will function identically to the existing MFA process already in place for Students and Faculty/Staff.

Supported Operating Systems and availability

Like myVPN, GlobalProtect will be available as a downloadable application. For faculty and staff, it will also be available through the Company Portal for Windows or Self Service Application for MacOS.

At BCIT, GlobalProtect will only be compatible with Windows or macOS devices. Devices running on Android, iOS, ChromeOS, and Linux will not be compatible, even with the versions of GlobalProtect that are available for those operating systems.

New look

New desktop/dock icon:

New application look:

Screen shot of the GlobalProtect Login page

Screen shot of the Global Protect connected page

For those using AppsAnywhere remotely:
Some applications require licensing from BCIT’s internal servers to run. To access these licenses, a secure connection to BCIT’s network is necessary. Currently, this connection is provided through myVPN. Once GlobalProtect VPN is released, it will replace myVPN as the required method for connecting to BCIT’s network for licensing.

Like myVPN, GlobalProtect VPN uses split-tunneling. This means that when you visit common internet sites—such as Google or other non-BCIT websites—your own internet connection is used directly. However, when you access BCIT web resources or network services such as shared drives, printers, or other internal systems, GlobalProtect routes that traffic through the secure VPN tunnel to connect you to BCIT’s internal network.

For contractors and BCIT staff who previously accessed secure systems through AccessAnywhere (AA), the most significant change will be the introduction of multi-factor authentication (MFA) during the VPN login process. Currently, AccessAnywhere does not require MFA at sign-in.

When connecting through GlobalProtect (GP), users will be prompted to complete Multi-Factor Authentication (MFA). Most users will only receive one MFA prompt; however, some specialty support users may encounter two prompts during the connection process:

Standard Login – When signing into GlobalProtect with their regular user account (via Microsoft Authenticator)
Elevated Access – When accessing secure server resources using a System Administrator (privileged) account (via Duo MFA)

Contractors will be enrolled in MFA and provided instructions on how to set it up during their account creation and onboarding process.

For instructions on how to install the GlobalProtect client on non-BCIT devices, refer to the article: Installing and Connecting to GlobalProtect

For more information about GlobalProtect VPN

For installation instructions, refer to the article Installing and Connecting to GlobalProtect VPN.

Frequently Asked Questions about GlobalProtect VPN

What’s Happening?

What is GlobalProtect VPN?

Do I need to use MFA to log into GlobalProtect VPN?

What is the difference and what does it mean for me?

Reference Login Process:

What does this mean for me?

Supported Operating Systems and availability

New look

Will I need to use GlobalProtect VPN with AppsAnywhere?

When I use GlobalProtect VPN what will happen to my internet traffic?

When will GlobalProtect VPN replace myVPN and AccessAnywhere?

Contractor and Specialty access

For more information about GlobalProtect VPN