Oklahoma State University: The STATE's University
Visit the OSU Home Page
IT Home
About IT
Organization
Policies
Service Catalog
Student Resources
Faculty/Staff Resources
IT Announcements
IT Ransomware Advisory
UTSF Committee
Turn Off Spam Digest
How To...
O-Key Account Access
Cowboy Mail
Orange Mail
Outlook Web Access

Network Policy - Interim

 
*Note: Information Technology Policies are in the process of
review and will be updated throughout the year*
 
Editor's Note: This is considered an interim policy of the University, as of May 18, 2001, pending final revisions/approvals. Before it is approved in final, it will be sent through the appropriate review and adoption process.
 
Oklahoma State University
 
Network Security Policy
 
A. Introduction
 
The data communications network of Oklahoma State University (OSU) exists to facilitate the research, education and outreach missions of the University. It provides electronic capabilities that allow OSU faculty, staff and students to access information, share data, collaborate, and communicate. Computing Information Services manages the network and is responsible for its secure and effective operation. CIS staff responsibilities include maintaining the network, and planning and implementing network growth.
 
B. OSU Data Communications Network Components
 
The network consists of the following:
 
  • Access-Layer Network Infrastructure - network wiring and electronics (network switches and/or hubs) in OSU buildings that interconnect OSU's computers and other devices.
  • Wireless Network Access "Air Space" - radio spectrum used for wireless network access at OSU.
  • Network Backbone and Building Switches - top-level network switches/routers in each building and the core OSU network backbone that connect OSU building networks together and to off-campus networks.
  • Wide Area Network Connections - Wide Area Network (WAN) that connects distributed portions of the OSU network.
  • Connections to Regional and National Networks (OneNet) - off-campus connections to the Internet. OneNet is Oklahoma's telecommunications and information network for education and government. OneNet is a division of the Oklahoma State Regents for Higher Education and is operated in cooperation with the Oklahoma Office of State Finance.
  • Core Network Services - services required for network operations (Domain Name Service, boot P, Wins, etc.)
 
C. General Provisions
 
  • OSU Data Communications Network as a Campus Utility - The network is a critical campus utility available to all faculty, staff and students, at all campus locations. It provides end-to-end "wall plate to wall plate" service from any computer on campus to any other, as well as to off-campus computers and resources.
  • Extension of the Backbone into New Buildings - The extension of the network into new buildings on campus should be included and funded as part of building construction projects. Buildings should not be erected without the capability to communicate with the OSU network or without CIS approval or blueprints and CIS involvement during construction.
  • TCP/IP OSU's Network Protocol - To facilitate interoperability among OSU systems, the network backbone supports only TCP/IP and other IP based protocols (UDP, PCMP, etc.)
  • Involuntary Disconnection - To assure the integrity of the network, it may be necessary for CIS to disconnect a host, a group of hosts, or a network that is unsecured or disrupting network service to others. This includes hosts involved in network security problems, such as those used by unauthorized parties to attack other systems on the OSU Network or on the Internet. If the situation allows, CIS will make an attempt to contact the local network administrator or owner of the host or hosts involved. If those individuals are not available, the disconnection may proceed without notification. With regard to security issues, a disconnection might be a "partial" one that isolates the host from attacking hosts, or from off-campus access in general. A host that has been compromised by unauthorized parties may need to stay disconnected until the host's operating system can be updated and all changes made by the attacker reversed.
  • Physical Access to Wiring Closets - Only CIS is authorized to place equipment or cabling in wiring closets, equipment rooms, etc., unless special arrangements are made with CIS and approved by the Assistant Vice President for CIS. Departments maintaining their own networks must use other space for their equipment and cable. At no time shall any individual access CIS wiring closets or shall any wiring not belonging to CIS be located within a CIS wiring closet without expressed written approval from CIS.
 
D. Responsibilities of CIS
 
  • Network Maintenance - CIS maintains building and campus network wiring and fiber, local switches, building routers/switches, backbone routers/switches, and other network devices that comprise the OSU network. This includes troubleshooting problems, identifying their cause, and replacing or repairing defective equipment and wiring.
  • Network Documentation - CIS is responsible for creating and maintaining the detailed documentation of the network required for proper network maintenance, operation, and planning.
  • Administration of OSU Network Connections to Other Networks - CIS maintains relationships and agreements with OneNet and other service providers to keep the OSU Network well connected to the commercial Internet and academic networks. CIS administers all interfaces between networks and connections between the OSU Network and other networks.
  • Administration of OSU Network Name and Address Space - CIS manages the OSU network name space and the assignment of names and network addresses (IP numbers) for security and identity of users.
  • Administration of OSU Wireless Networking - CIS coordinates use of wireless networking at OSU to ensure compatible access to all OSU users.
  • Provision of Central Network Services - CIS provides central services required for operation of the network, which include, but are not limited to, Domain Name Service (DNS), directory and user authentication services, and electronic mail transport services.
  • Network Devices - The Data Communications Network is a mission critical strategic University resource. In order to protect the Data Communications Network, devices other than computers, servers, and workstations, must not be plugged into any network port. This includes, but is not limited to hubs, switches, repeaters, routers, network modems and wireless access points. These devices may be incorrectly configured or incompatible with the OSU Network causing outages and reliability problems to all or part of the network. Devices not approved for use on OSU's Data Communication Network will be disabled to ensure the stability and availability of the network.
  • Traffic Monitoring - CIS monitors traffic flow to optimize network usage, detect network problems, and ensure equitable access.
  • Security Monitoring - To the extent possible, CIS monitors incoming network traffic to detect the "signatures" of known network intrusion scenarios, viruses, or the like. CIS may periodically scan the OSU network hosts to assess the vulnerability to attack. It should be noted that there is no guarantee that CIS will be able to detect all potential system vulnerabilities.
  • Campus-wide Network Security Coordination - CIS promotes campus-wide network security and coordinates campus-wide response to unauthorized access. This also includes working with local supporters, computer users, and OneNet to protect the campus from network intrusions, denial of service attacks, and other unauthorized and/or inappropriate activities that impair network access and use.
  • Planning for Network Growth - CIS interacts with campus departments to ensure current and future communication needs are addressed.
  • Upgrades to Current Infrastructure - CIS performs upgrades to the current infrastructure to ensure current and future needs are addressed.
 
E. Responsibilities of Local Network Administrators
 
The Dean or Director in each college or major unit is the person in charge of coordinating computing and network use in that area. They should identify a network administrator who has the following responsibilities for the college or unit:
 
  • The Network Administrator:
 
  • Coordinates network trouble reports and ensures that OSU network malfunctions are properly reported to CIS for resolution.
  • Supports CIS staff efforts to troubleshoot and resolve network problems involving the operation of end-user or university equipment.
  • Works with CIS staff to track down and correct excessive use of network resources, especially off- campus network usage. Encourages members of the unit to utilize network bandwidth and resources efficiently.
  • Acts as a liaison between CIS and network users for the purpose of scheduling maintenance periods, coordinating system changes, and disseminating information concerning the OSU network.
  • Participates in campus discussions of new directions for the OSU network and CIS's network services.
  • Network Security Maintenance - The network administrator implements and maintains sound network and computer security practices in the unit. This includes, but is not limited to, host-based security mechanisms such as password-protected logins, file protections, ensuring encryption is not used and security patch maintenance on all machines. System Administrators are also to encourage end-users to select secure passwords and change them regularly, and to use security-minded access tools.
  • Network Name and Address Coordination - The network administrator serves as the unit coordination point for the assignment of network name and addresses.
 
F. Responsibilities of Computer Owners
 
The owners or primary users of computers connected to the OSU network are responsible for the following:
 
  • Abiding by OSU's Appropriate Computer Use Policy - Users should efficiently use network resources and follow OSU's Appropriate Computer Use Policy Computer and OSU's Network Security Policy. Users are personally responsible for all activities on their User ID or computer system and may be subjected to disciplinary action and/or loss of privileges for misuse of computers or computing systems under their control, even if not personally engaged in by the person controlling the computer or system.
  • Reporting Problems - Users should promptly report network problems to either the local network administrator or to the CIS HelpDesk, and cooperate with support staff in correcting malfunctions.
  • Taking Proper Security Precautions - Users should select secure passwords and change them regularly. Security-minded network access techniques should be used whenever practical.
  • Keeping the Operating System Secure - Users should make sure their computer's operating system is kept up-to-date with current security patches. This may be accomplished by the owner, local support staff, or central staff.
 
References
 
OSU Administrative Policies & Procedures
  • Appropriate Computer Use Policy
  • Buckley Amendment Family Rights and Privacy Act
  • CIS World Wide Web Publishing
  • Copyrightable Educational Material and Other Intellectual Property
  • Handling Gifts to the University
  • Incident Reporting Of Computer Security Violations
  • Open Records
  • Microsoft Campus Agreement (MCA) Overview
  • Password Guidelines
  • Sexual Harassment
  • Use of Electronic Mail
  • Use of the University Name
 
Other
  • Digital Millennium Copyright Act
  • Federal Computer Intrusion Laws
  • Federal Electronic Communication and Privacy Act of 1986
 
View other policies
 
The State's University
Oklahoma State University - Stillwater | Stillwater, OK 74078 | 405.744.5000
Copyright © 2006 Oklahoma State University | All rights reserved