Last Revision Date: May 20, 2011
Approval Date: May 12, 2010
Approval Authority: Case Information Security Officer
The purpose of this policy is to establish standards for management of network access and communications.
This policy applies to all information technology systems that are connected to and use the Case network infrastructure. Cloud-based services are outside the scope of this policy.
All networks and communications technologies owned and managed by Case are considered to be private in nature, and access is granted for the exclusive use of Case faculty, staff, students, and affiliates in accordance with the Case Acceptable Use of Information Technology Policy (AUP). The privilege of use of all Case networks requires adherence by all Case users to a minimal set of standards to assure efficient and effective management of network resources. The doctrine employed by Case IT Services is to assure the fulfillment of the mission of the University through access to and availability of Case networks, which are deemed a critical resource.
General policy of approved protocols and usage thresholds will be determined and implemented by Case IT Services, through the Technical Infrastructure Services group. The implementation of standards shall be the responsibility of all IT systems owners and administrators.
Case network users shall not provision network-based services for non-Case third parties.
All networks on the Case campus are installed and maintained by Case IT Services. To assure the integrity and availability of network services, no other network communications (with the exception of commercial cellular telephony networks) shall be permitted on University facilities. No networking equipment (routers, managed switches, DHCP servers, DNS servers, WINS servers, VPN servers, remote access dial-in servers/RADIUS, wireless access points, hardware firewalls) shall be permitted without a written exception from Case IT Services (Technical Infrastructure Services).
All devices connected to Case networks shall be registered with Case IT Services when initially attached to the network. This applies to printers, computing systems, laboratory equipment, and communications devices that use TCP/IP network protocols. The registrant must be a current faculty, staff, student, or affiliate account user with a valid and active NetworkID. Information on how to register a network device can be found at the Network Registration documentation at the Case Help Desk. Unregistered devices are subject to disconnection from the Case Network, without notice, whether or not they are disrupting network service.
Currently devices connected to the CaseGuest wireless network are unregistered. As wireless registration services become available, all university-purchased or owned hosts shall be registered in a similar manner to wired nework registration. Case users accessing the Case IT resources via wireless networking may assure the privacy of the network communications by using the Case VPN software.
No device or program that has the potential to disrupt network service to others is permitted on the Case Network without prior arrangement with IT Services.
The management of network protocols shall be performed by information systems administrators and network administrators to assure the efficiency, availability, and security of the common resources, in accordance with the governing Case Acceptable Use Policy.Simple Mail Transfer Protocol (SMTP):
MX record- An MX record or Mail exchanger record is a type of resource record in the Domain Name System (DNS) specifying how Internet e-mail should be routed. MX records point to the servers that should receive an e-mail, and their priority relative to each other.
SSL- secure sockets layer, an encryption method for communication between the mail client and mail server.
TLS- transport layer security, an encryption method for communication between a mail client and a mail server, or between mail servers.
TCP/IP- transmission control protocol and internet protocol, which define how communications are currently implemented in the Case network infrastructure.
IP address- internet protocol address, an essential networking element which permits traffic to be routed to a specific host.
Cloud services- software and/or systems that are hosted in off-campus data centers that rely on network communications to permit access for users in the Case network environment. An example is Case Google Applications.
IT Services is responsible for enforcement of network access standards, and maintaining the list of banned protocols.
Departmental IT staff are responsible for the implementation and adherence to network protocol standards.
This policy will be reviewed every two years on the anniversary of the policy effective date, at a minimum. The policy may be reviewed on a more frequent basis depending on changes of risk exposure.