Update Tier 3 Security evaluation checklist

[helendduncan]

✅ Checklist

• I have searched open and closed issues for duplicates
• This is a request for a change to documentation
• This isn't a feature request or bug report
• This isn't an open-ended question (open a discussion if it is).

📒 Where is the problem?

In the documentation for v 5.0.1 Security checklist for T3 SREs the physical security checks are inconsistent. If the user is connecting from the correct IP address via a VPN then the SHM will not disallow the connection.

Also in the documentation:

Verify that: check the network IP ranges corresponding to the research spaces and compare against the IPs accepted by the firewall.

But it is the NSGs which allow/disallow IPs?

📝 Required documentation changes

Remove the statement

Connection from outside the secure physical space is not possible.

[jemrobinson]

@helendduncan - the recommendation for tier 3 is to set up a network that can only be accessed from a known physical space (i.e. not via a VPN).