UC IRVINE ADMINISTRATIVE POLICIES AND PROCEDURES
Section 1
Communications
Electronic Communications
Sec. 800-13: UCInet Guidelines
Responsible Office: Office of Information Technology (OIT)
Revised: August 2011
References / Resources
- Federal Electronic Communication and Privacy Act of 1986
- UCI Administrative Policies & Procedures
- Section 714-18, Computer and Network Use Policy
- Section 800-12, Data Communications Systems Guidelines
- Section 800-18, Security Guidelines for Computers and Devices Connected to UCInet
Contact: Office of Information Technology at (949) 824-2222 or oit@uci.edu
A. Introduction
UCInet is the campuswide data communications network of the University of California, Irvine. UCInet exists to facilitate the research, education and community mission of the University. It provides electronic capabilities that allow UCI faculty, staff and students to access information, share data, collaborate, and communicate. Office of Information Technology (OIT) manages UCInet and is responsible for its secure and effective operation. OIT staff maintain the network, and plan and implement network growth.
B. UCInet Components
UCInet consists of the following:
- Access-Layer Network Infrastructure - network wiring and electronics (network switches and/or hubs) in UCI buildings that interconnect UCI's computers and other devices.
- Wireless Network Access "Air Space" - radio spectrum used for wireless network access at UCI.
- Network Backbone and Building Routers - top-level network switches/routers in each building and the core UCI network backbone that connect UCI building networks together and to off-campus networks.
- Remote Site Connections - Network connections to remote campus sites such as North Campus and UCI Medical Center.
- Connections to Regional and National Networks - off-campus connections to the commercial Internet, and to academic networks such as California Research and Education Network (CalREN) and Internet2.
- Core Network Services - protocol-based services required for network operations such as Domain Name Service, e-mail transport, and directory services.
C. General Provisions
- UCInet as a Campus Utility
UCInet is a critical campus utility available to all faculty, staff and students at all campus locations. UCInet provides end-to-end "wallplate to wallplate" service from any computer on campus to any other, as well as to off-campus computers and resources. A set of services, UCInet Basic Network Services (BNS), is available to users at no cost. Additional Network Services (ANS) are available for an additional fee. BNS and the general operation of the network are funded by the campus.
- Extension of the Backbone into New Buildings
The extension of UCInet into new buildings housing UCI academic and administrative functions should be included and funded as part of building construction projects. Buildings should not be erected without the capability to communicate with UCInet. OIT should be notified of building projects well in advance of final design approval.
- TCP/IP - UCI's Network Protocol
To facilitate interoperability among UCI systems, the network backbone supports only TCP/IP and other IP based protocols (UDP, FTP, Telnet, HTTP)
- Involuntary Disconnection
To assure the integrity of UCInet, it may be necessary for OIT to disconnect a host, a group of hosts, or a network that is disrupting network service to others. This includes hosts involved in network security problems, such as those used by unauthorized parties to attack other systems on UCInet or on the Internet. If the situation allows, OIT will make an attempt to contact the local network administrator or owner of the host or hosts involved. If those individuals are not available, the disconnection may proceed without notification.
With regard to security issues, a disconnection might be a "partial" one that isolates the host from attacking hosts, or from off-campus access in general. A host that has been compromised by unauthorized parties may need to stay disconnected until the host's operating system can be updated and all changes made by the attacker reversed.
- Physical Access to Wiring Closets
Only OIT and Facilities Management are authorized to place equipment or cabling in wiring closets, equipment rooms, etc., unless special arrangements are made with OIT and approved by the OIT Director. Departments maintaining their own networks must use other space for their equipment and cable.
D. Responsibilities of the Office of Information Technology
OIT's responsibilities include:
- Network Maintenance
OIT maintains building and campus network wiring, fiber, local switches, building routers/switches, backbone routers/switches, and other network devices that comprise UCInet. This includes troubleshooting problems, identifying their cause, and replacing or repairing defective equipment and wiring infrastructure.
- Network Documentation
OIT is responsible for creating and maintaining the detailed documentation of the network required for proper network maintenance, operation, and planning.
- Administration of UCInet Connections to Other Networks
OIT maintains relationships and agreements with off-campus service providers to keep UCInet well connected to the commercial Internet and academic networks. OIT administers all interfaces between networks and connections between UCInet and other networks.
- Administration of UCI Network Name and Address Space
OIT coordinates the UCI network name space and the assignment of names and network addresses (IP numbers).
- Administration of UCI Wireless Networking
OIT coordinates use of wireless networking at UCI to ensure compatible access to all UCI users.
- Provision of Central Network Services
OIT provides central services required for operation of the network which include, but are not limited to, Domain Name Service (DNS), directory and user authentication services, and electronic mail transport services.
- Traffic Monitoring
OIT monitors traffic flow to optimize network usage, detect network problems, and ensure equitable access. OIT provides network administrators and campus users with periodic reports summarizing traffic data. reports.
- Security Monitoring
Although there is no guarantee that OIT will be able to detect all potential system vulnerabilities, OIT monitors, to the extent possible, incoming network traffic to detect the "signatures" of known network intrusion scenarios, viruses, and similar damaging programs. OIT periodically scans UCInet hosts to assess their vulnerability to attack.
- Campuswide Network Security Coordination
OIT promotes campus-wide network security and coordinates campus-wide response to unauthorized access. This includes working with local supporters, computer users, and Internet Service Providers to protect the campus from network intrusions, denial of service attacks, and other unauthorized and/or inappropriate activities that impair network access and use.
- Planning for Network Growth
OIT interacts with campus departments to ensure current and future communication needs are addressed.
E. Responsibilities of Local Network Administrators
The Computing Support Coordinator (CSC) in each school or major unit is the person in charge of coordinating computing and network use in the unit. The CSC identifies a network administrator who has the following responsibilities for the school or unit:
- OIT/Unit Network Liaison
The network administrator:
- Coordinates the collection of network trouble reports and ensures that UCInet malfunctions are properly reported to OIT for resolution.
- Supports OIT staff efforts to troubleshoot and resolve network problems involving the operation of end-user or school equipment.
- Works with OIT staff to track down and correct excessive use of network resources, especially off-campus network usage. Encourages members of the unit to utilize network bandwidth and resources efficiently.
- Acts as a liaison between OIT and network users for the purpose of scheduling maintenance periods, coordinating system changes, and disseminating information concerning UCInet.
- Participates in campus discussions of new directions for UCInet and OIT's network services.
- Network Security Maintenance
The network administrator implements and maintains sound network and computer security practices in the unit. This includes host-based security mechanisms such as password-protected logins, file protections, encryption, security patch maintenance, etc. It also includes encouraging end-users to select good passwords and change them regularly, and to use security-minded access tools.
- Network Name and Address Coordination
The network administrator serves as the unit coordination point for the assignment of network name and addresses.
F. Responsibilities of Computer Owners
The owners or primary users of computers connected to UCInet are responsible for the following:
- Abiding by UCI's Computer Use Policy
Users should efficiently use network resources and follow UCI's Computer and Network Use Policy (see Section 714-18).
- Reporting Problems
Users should promptly report network problems to either the local network administrator or to OIT, and cooperate with support staff in correcting malfunctions.
- Taking Proper Security Precautions
Users should select good passwords and change them regularly. Security-minded network access techniques (such as encryption) should be used whenever practical.
- Keeping the Operating System Secure
Users should make sure their computer's operating system is kept up-to-date with current security patches. This may be accomplished by the owner, local support staff, or central staff.