The University network underpins the use of IT services for all academic, administrative and research activities throughout JMU. The provision of a highly reliable and secure network and associated services is therefore a fundamental business requirement.
PLN are responsible for the provision, maintenance and day-to-day operation of the JMU network. The provision of a reliable and secure network service requires that PLN have end-to-end control of the physical topology of the network, the interconnecting network equipment and the network-related services which together provide the overall network service.
It is prohibited to connect any equipment that extends the scope, range or reach of the University network, including:
- Data cabling, line-of-site or radio links
- Network Hubs, Switches, Bridges or Routers
- Access gateways, including:
- Remote Access Servers (e.g. Citrix and Windows Terminal Services)
- Wireless Access Points
- Dial-in Services, including modems connected to PCs
All systems that are connected to the network must be configured such that the following network services are NOT provided:
- DHCP address services
- DNS name resolution services
- Time Services
- Authentication services
- Routing Services
All systems (whether client PCs or Servers) connected to the network:
- Must comply with naming conventions agreed with PLN
- Must be fully patched to the latest appropriate security updates
- Must be virus protected
- Must not operate in promiscuous mode for the purpose of monitoring or recording network traffic
All client systems connected to the network will be subject to Network Access Control (NAC) which automatically checks that the client system conforms to policy. Systems which fail the compliance tests will be denied access to the corporate network.
All requirements to extend the scope, range or reach of the network or network services must be channelled via PLN.
Schools with specialist research or IT laboratory teaching activities where the requirements are such that it is impossible to comply with the above policy must advise PLN. These requirements will be accommodated by the provision of a separate dedicated subnet isolated from the JMU network.
4 Related PoliciesWireless Networking Policy
Kevin Walsh, PLN, June 2009