Network Policy
A. Introduction
The data communications network of Langston University (LU)
exists to facilitate the research, education and outreach missions of the
University. It provides electronic capabilities that allow LU faculty, staff
and students to access information, share data, collaborate, and communicate. Information
Technology Services (ITS) manages the network and is responsible for its secure
and effective operation. ITS staff responsibilities include maintaining the network,
and planning and implementing network growth.
B. LU Data Communications Network Components
The network consists of the following:
1. Access-Layer Network Infrastructure - network wiring and electronics (network switches,
routers and hubs) in LU buildings that interconnect LU's
computers and other devices.
2. Wireless Network Access
"Air Space" - radio
spectrum used for wireless network access at LU.
3. Network Backbone and
Building Switches - top-level
network switches/routers in each building and the core LU network backbone that
connect LU building networks together and to off-campus networks.
4. Wide Area Network
Connections - Wide Area Network
(WAN) that connects distributed portions of the LU network.
5. Connections to Regional and
National Networks (OneNet) - off-campus connections to the Internet. OneNet is
6. Core Network Services - services required for network operations (Domain Name
Service, boot P, Wins, etc.)
C. General Provisions
1. LU Data Communications
Network as a Campus Utility
The network is a critical campus utility available to all faculty, staff and
students, at all campus locations. It provides end-to-end "wired and
wireless" service from any computer on campus to any other, as well as to
off-campus computers and resources.
2. Extension of the Backbone
into New Buildings
In order to develop and expand robust and vibrant network services, the
extension of the LU network into new buildings on campus shall be included and
funded as part of new building construction projects. Buildings shall be
designed and erected with the capability to communicate with the LU network.
Such projects shall include ITS approval of blueprints and ITS involvement
during construction. This will ensure that both current and future technology
requirements of the University are included in the design of distributed
technology services to the University community.
3. TCP/IP – LU's Network Protocol
To facilitate interoperability among LU systems, the network backbone supports
TCP/IP and other IP based protocols (UDP, PCMP, etc.) and other ITS approved protocols.
4. Involuntary Disconnection
To assure the integrity of the network, it may be necessary for ITS to
disconnect a host, a group of hosts, or a network node that is unsecured or
disrupting network service to others. This includes hosts involved in network
security problems, such as those used by unauthorized parties to attack other
systems on the LU Network or on the Internet. If the situation allows, ITS will
make an attempt to contact the local network administrator or owner of the host
or hosts involved. If those individuals are not available, the disconnection
may proceed without notification. With regard to security issues, a
disconnection might be a "partial" activity which isolates and prevents
the host from attacking other hosts or from off-campus access in general. A
host that has been compromised by unauthorized parties may need to stay
disconnected until the host's operating system can be updated and all changes
made by the attacker reversed.
5. Physical Access to Wiring Closets
Only ITS staff are authorized to place equipment or cabling in wiring closets,
equipment rooms, etc., unless special arrangements are made with ITS and
approved by the ITS Director. Departments maintaining their own networks must
use other space for their equipment and cable. At no time shall any individual
access ITS wiring closets or shall any wiring not belonging to ITS be located within a ITS wiring closet without expressed
written approval from ITS. Where it is deemed necessary, requests to provide
Department specific cabling will have to be submitted by the ITS Director to
the Chief Information Officer for approval.
D. Responsibilities of ITS
1. Network Maintenance
ITS maintains building and campus network wiring and
fiber, local switches, building routers/switches, backbone routers/switches,
and other network devices that comprise the LU network. This includes
identifying and troubleshooting network problems, and where necessary replacing
and/or repairing defective equipment and wiring.
2. Network Documentation
ITS is responsible for creating and maintaining the
detailed documentation of the network required for proper network maintenance,
operation, and planning.
3. Administration of LU
Network Connections to Other Networks
ITS maintains relationships and agreements with OneNet and other service providers to keep the LU Network
connected to the Internet and other academic networks. The ITS Department administers
all interfaces and connections between the LU Network and other networks.
4. Administration of LU
Network Name and Address Space
ITS manages the LU network name space and the
assignment of names and network addresses (IP numbers) for security and
identity of users.
5. Administration of LU
Wireless Networking
ITS coordinates the use of wireless networking at LU to ensure viable and compatible
access to all LU users.
6. Provision of Central
Network Services
ITS provides central services required for operation of the network, which include,
but are not limited to, Domain Name Service (DNS), directory and user
authentication and authorization services as well as electronic mail transport
services.
7. Network Devices
The Data Communications Network is a mission critical strategic University
resource. In order to protect the Data Communications Network, devices other
than computers, printers, and workstations, must not be plugged into any
network port. This includes, but is not limited to servers, hubs, switches,
repeaters, routers, network modems and wireless access points. These devices
may be incorrectly configured or incompatible with the LU Network causing
outages and reliability problems to all or part of the network. Devices not
approved for use on LU's Data Communication Network will
be disabled to ensure the stability and availability of the network.
In order to use any of the devices mentioned above, contact ITS
to assess and configure your equipment for proper use on the LU network.
8. Traffic Monitoring
ITS monitors traffic flow to optimize network usage, detect network problems,
and ensure equitable access.
9. Security Monitoring
To the extent possible, ITS monitors incoming network
traffic to detect the "signatures" of known network intrusion
scenarios, viruses, or the like. ITS may periodically scan the LU network hosts
to assess the University’s vulnerability to attack. It should be noted that
there is no guarantee that ITS will be able to detect all potential system
vulnerabilities.
10. Campus-wide Network
Security Coordination
ITS promotes campus-wide network security and
coordinates campus-wide response to unauthorized access. This also includes
working with local supporters, computer users, and OneNet
to protect the campus from network intrusions, denial of service attacks, and
other unauthorized and/or inappropriate activities that may impair network
access and use.
11. Planning for Network
Growth
ITS interacts with campus departments to ensure
current and future communication needs are addressed in a timely manner.
12.Upgrades
to Current Infrastructure
ITS performs upgrades to the current infrastructure to ensure current and
future needs are adequately addressed.
E. Responsibilities of the Network Administrators
ITS is responsible for
coordinating computing and network use in all areas. The Network Administrator
shall perform the following responsibilities:
1. The Network Administrator:
2. Network Security
Maintenance
The Network Administrator implements and maintains sound network and computer
security practices in the unit. This includes, but is not limited to,
host-based security mechanisms such as password-protected logins, file
protections, ensuring proper encryption is used where previously approved and ensure
timely security patch maintenance on all machines. System Administrators shall
also encourage end-users to select secure passwords and change them regularly,
and to use security-minded access tools.
3. Network Name and Address
Coordination
The Network Administrator serves as the point of coordination for the
assignment of network name and addresses.
F. Responsibilities of
Computer Owners
The owners or primary users of computers connected to the LU
network are responsible for the following:
1. Abiding by LU's Appropriate Computer Use Policy
Users should efficiently use network resources and follow LU's
Acceptable Use Policy and other
related security policies. Users are personally responsible for all activities
on their User ID or computer system and may be subjected to disciplinary action
and/or loss of privileges for misuse of computers or computing systems under
their control, even if not personally engaged in by the person controlling the
computer or system.
2. Reporting Problems
Users should promptly report network problems to the ITS HelpDesk,
and cooperate with support staff in correcting malfunctions.
3. Taking Proper Security
Precautions
Users should select secure passwords and change them regularly. Security-minded
network access techniques should be used whenever practical.
4. Keeping the Operating System Secure
Users and ITS should make sure their computer's
operating system is kept up-to-date with current security patches. This may be
accomplished by the owner, local support staff, and/or central staff.