UC IRVINE ADMINISTRATIVE POLICIES & PROCEDURES

Federal Electronic Communication and Privacy Act of 1986


UCI Administrative Policies & Procedures

Section 714-18, Computer and Network Use Policy
Section 800-12, Data Communications Systems Guidelines
Section 800-18, Security Guidelines for Computers and Devices Connected to UCInet

A. Introduction

B. UCInet Components

1. Access-Layer Network Infrastructure - network wiring and electronics (network switches and/or hubs) in UCI buildings that interconnect UCI's computers and other devices.

2. Wireless Network Access "Air Space" - radio spectrum used for wireless network access at UCI.

3. Network Backbone and Building Routers - top-level network switches/routers in each building and the core UCI network backbone that connect UCI building networks together and to off-campus networks.

4. Remote Site Connections - Network connections to remote campus sites such as North Campus and UCI Medical Center.

5. Connections to Regional and National Networks - off-campus connections to the commercial Internet, and to academic networks such as California Research and Education Network (CalREN) and Internet2.

6. Core Network Services - protocol-based services required for network operations such as Domain Name Service, e-mail transport, and directory services.

C. General Provisions

1. UCInet as a Campus Utility

   UCInet is a critical campus utility available to all faculty, staff and students at all campus locations. UCInet provides end-to-end "wallplate to wallplate" service from any computer on campus to any other, as well as to off-campus computers and resources. A set of services, UCInet Basic Network Services (BNS), is available to users at no cost. Additional Network Services (ANS) are available for an additional fee. BNS and the general operation of the network are funded by the campus.

2. Extension of the Backbone into New Buildings

   The extension of UCInet into new buildings housing UCI academic and administrative functions should be included and funded as part of building construction projects. Buildings should not be erected without the capability to communicate with UCInet. OIT should be notified of building projects well in advance of final design approval.

3. TCP/IP - UCI's Network Protocol

   To facilitate interoperability among UCI systems, the network backbone supports only TCP/IP and other IP based protocols (UDP, FTP, Telnet, HTTP)

4. Involuntary Disconnection

   To assure the integrity of UCInet, it may be necessary for OIT to disconnect a host, a group of hosts, or a network that is disrupting network service to others. This includes hosts involved in network security problems, such as those used by unauthorized parties to attack other systems on UCInet or on the Internet. If the situation allows, OIT will make an attempt to contact the local network administrator or owner of the host or hosts involved. If those individuals are not available, the disconnection may proceed without notification.

   With regard to security issues, a disconnection might be a "partial" one that isolates the host from attacking hosts, or from off-campus access in general. A host that has been compromised by unauthorized parties may need to stay disconnected until the host's operating system can be updated and all changes made by the attacker reversed.

5. Physical Access to Wiring Closets

   Only OIT and Facilities Management are authorized to place equipment or cabling in wiring closets, equipment rooms, etc., unless special arrangements are made with OIT and approved by the OIT Director. Departments maintaining their own networks must use other space for their equipment and cable.

D. Responsibilities of the Office of Information Technology

1. Network Maintenance

   OIT maintains building and campus network wiring, fiber, local switches, building routers/switches, backbone routers/switches, and other network devices that comprise UCInet. This includes troubleshooting problems, identifying their cause, and replacing or repairing defective equipment and wiring infrastructure.

2. Network Documentation

   OIT is responsible for creating and maintaining the detailed documentation of the network required for proper network maintenance, operation, and planning.

3. Administration of UCInet Connections to Other Networks

   OIT maintains relationships and agreements with off-campus service providers to keep UCInet well connected to the commercial Internet and academic networks. OIT administers all interfaces between networks and connections between UCInet and other networks.

4. Administration of UCI Network Name and Address Space

   OIT coordinates the UCI network name space and the assignment of names and network addresses (IP numbers).

5. Administration of UCI Wireless Networking

   OIT coordinates use of wireless networking at UCI to ensure compatible access to all UCI users.

6. Provision of Central Network Services

   OIT provides central services required for operation of the network which include, but are not limited to, Domain Name Service (DNS), directory and user authentication services, and electronic mail transport services.

7. Traffic Monitoring

   OIT monitors traffic flow to optimize network usage, detect network problems, and ensure equitable access. OIT provides network administrators and campus users with periodic reports summarizing traffic data. reports.

8. Security Monitoring

   Although there is no guarantee that OIT will be able to detect all potential system vulnerabilities, OIT monitors, to the extent possible, incoming network traffic to detect the "signatures" of known network intrusion scenarios, viruses, and similar damaging programs. OIT periodically scans UCInet hosts to assess their vulnerability to attack.

9. Campuswide Network Security Coordination

   OIT promotes campus-wide network security and coordinates campus-wide response to unauthorized access. This includes working with local supporters, computer users, and Internet Service Providers to protect the campus from network intrusions, denial of service attacks, and other unauthorized and/or inappropriate activities that impair network access and use.

10. Planning for Network Growth

    OIT interacts with campus departments to ensure current and future communication needs are addressed.

Responsibilities of Local Network Administrators

1. OIT/Unit Network Liaison

   The network administrator:

   • Coordinates the collection of network trouble reports and ensures that UCInet malfunctions are properly reported to OIT for resolution.
   • Supports OIT staff efforts to troubleshoot and resolve network problems involving the operation of end-user or school equipment.
   • Works with OIT staff to track down and correct excessive use of network resources, especially off-campus network usage. Encourages members of the unit to utilize network bandwidth and resources efficiently.
   • Acts as a liaison between OIT and network users for the purpose of scheduling maintenance periods, coordinating system changes, and disseminating information concerning UCInet.
   • Participates in campus discussions of new directions for UCInet and OIT's network services.

2. Network Security Maintenance

   The network administrator implements and maintains sound network and computer security practices in the unit. This includes host-based security mechanisms such as password-protected logins, file protections, encryption, security patch maintenance, etc. It also includes encouraging end-users to select good passwords and change them regularly, and to use security-minded access tools.

3. Network Name and Address Coordination

   The network administrator serves as the unit coordination point for the assignment of network name and addresses.

E. Responsibilities of Computer Owners

1. Abiding by UCI's Computer Use Policy

   Users should efficiently use network resources and follow UCI's Computer and Network Use Policy (see Section 714-18).

2. Reporting Problems

   Users should promptly report network problems to either the local network administrator or to OIT, and cooperate with support staff in correcting malfunctions.

3. Taking Proper Security Precautions

   Users should select good passwords and change them regularly. Security-minded network access techniques (such as encryption) should be used whenever practical.

4. Keeping the Operating System Secure

   Users should make sure their computer's operating system is kept up-to-date with current security patches. This may be accomplished by the owner, local support staff, or central staff.