The purposes of an educational organisation may often require it to receive guests from other organisations, both from within the education community and outside. Researchers, teachers, students and conference delegates may all come to the organisation from elsewhere and wish, or need, to use the host organisation’s network facilities. Where guests come to the host organisation for purposes connected with its education, research or business and community engagement missions, the Janet Eligibility Policy allows the host organisation to provide them with access to Janet should it choose to do so. However the host organisation is responsible for ensuring that such use complies with the Janet Policies, in particular that the granting of access is subject to reasonable controls and does not present an unacceptable risk to other users of Janet or the Internet.

This guide has been written with the aim of helping organisations wishing to provide access to Janet for their guests to do so safely, both for themselves and others. Since every organisation will have its own requirements and capabilities it is not possible to provide a standard recipe that will be suitable for everyone; instead the guide first reviews the objectives that must be met, then considers a range of tools that can be used to achieve those objectives, and finally presents case studies from a number of Janet-connected organisations to illustrate how these tools may be used to implement appropriate systems for guest access. Thanks are due to the many organisations and individuals who have shared their ideas and experiences for these case studies.

Finally, it is important to note that visitors who come to an organisation merely to use its facilities and not in connection with the organisation’s education, research or engagement missions are not allowed to use the Janet network. Organisations may, if they wish, provide Internet access for these visitors as a way to encourage use of facilities such as cafes, restaurants and accommodation but must do so in partnership with a public Internet Access Provider such as a commercial ISP. Traffic to that provider may be backhauled over Janet provided that users are authenticated, the traffic is carried in an encrypted tunnel, and the provider attaches its own IP addresses before routing the traffic to the Internet. Alternatively the traffic may be routed over a separate internet connection. The technical and policy issues involved in providing this type of access - in particular that it is likely to change the legal status of parts of the organisation's local area network from "private" to "public" - are discussed in section 2.3.1 of this document and in the Janet factsheet ‘Guest and Public Network Access’.

The final case studies in this document suggest some ways to provide both types of user with appropriate access to Janet and the Internet.