Professional Documents
Culture Documents
NetworkUsage Policy Template
NetworkUsage Policy Template
NetworkUsage Policy Template
Policy Statement
All IT computing resource users are expected to comply with this policy. In addition, this policy
and the use of computing and network services provided by the campus shall comply with all
applicable State and Federal laws, as well as existing university policies, such as the Code of
Conduct for Users of Computing Systems and Services. This policy does not override protections
offered and procedures specified in the Faculty Code. Violations of this Network Usage Policy
can lead to revocation of system privileges and disciplinary action up to and including dismissal
or expulsion.
Table of Contents
Policy Statement ................................................................................................................ 1
Reason for Policy/Purpose ............................................................................................... 1
Who Needs to Know This Policy...................................................................................... 1
Policy .................................................................................................................................. 2
Involved Systems ............................................................................................................ 2
Information Systems and Services Authority ................................................................. 2
Network Design .............................................................................................................. 2
Protocols ......................................................................................................................... 3
Domain Name Standards (DNS)..................................................................................... 3
Virtual Private Network Usage....................................................................................... 3
Wireless Network Usage................................................................................................. 4
Network Security ............................................................................................................ 4
Administrator Responsibilities.................................................................................... 4
User Responsibilities .................................................................................................. 4
Network Security Violations....................................................................................... 5
Management of Security Violations ........................................................................... 5
Funding Model................................................................................................................ 6
Procedures ......................................................................................................................... 6
Website Address for This Policy...................................................................................... 6
Contacts/Responsibilities.................................................................................................. 6
Definitions .......................................................................................................................... 6
Related Information.......................................................................................................... 8
Who Approved This Policy .............................................................................................. 8
History/Revision Dates ..................................................................................................... 8
Policy
Involved Systems
The University network is broadly defined to include the campus computer and data
communications infrastructure, independent of ownership. It includes the campus backbone and
local area networks, the Virtual Private Network, all Wireless Networks and all equipment
connected to those networks that are managed by University Information Systems and Services
(ISS) personnel, and all computers in the GWU.EDU address domain or any other domains
administered by Information Systems and Services or any equipment managed by other
departments and schools.
This policy applies to all computer and network systems owned by and/or administered by the
University. Similarly, this policy applies to all platforms (operating systems), all computer sizes
(personal computers to mainframes), and all application systems (whether developed in-house or
purchased from third parties).
Network Design
Information Systems and Services has sole authority to purchase network equipment and to build
and maintain the University’s network infrastructure, except where ISS has delegated specific
authority to a local network administrator for an area of the University. All systems and
equipment connected to the network must be approved by ISS, including but not limited to
switches, hubs, routers and wireless devices. (See appendix for more information.)
2
Protocols
ISS shall dictate the protocols and services present on the University’s network. At the present
time the campus backbone universally supports the IP protocol. The University primarily uses
Dynamic Host Control Protocol (DHCP) to dynamically assign IP addresses to workstations as
needed. In addition, Information Systems and Services shall determine the specific routes that
network traffic will take across the University. (See the Procedures section for instructions on
how to make a DHCP request.)
IP addresses shall not be assigned from within the University IP address space for individuals or
organizations that are not affiliated with The George Washington University. In requesting an IP
address, each requesting person, organization, or service agrees to abide by all applicable
University policies and agrees not to give access to the University networks (through their
connected machine) to others who are not affiliated with the University.
3
Wireless Network Usage
The University Wireless Network utilizes the VPN client to authenticate users. ISS requires that
Wireless Network users maintain the workstation security measures as defined in the section
below, under User Responsibilities.
Network Security
ISS is responsible for monitoring the University’s network and will act accordingly to protect
University data, other electronic assets or quality of service. Because of the interconnections
provided by the network, a security violation on one machine can threaten security of other
systems on the network. Policies in this section describe the steps that will be taken in response to
security threats. They also describe circumstances when data normally considered private could
be collected and examined by an individual managing a LAN, server, or system.
Designated personnel within the Information Security Office may conduct scans against
Uinversity owned network segments, hosts, and systems connected to the University network.
The security threat increases in relation to remote access (through the VPN) and wireless access.
Thus, all wireless and VPN connections and transmissions are logged and subject to scanning by
ISS-approved officials.
Administrator Responsibilities
The administrator of a server on a University network-connected computer is responsible for the
security of that system. The system administrator must monitor and log accesses and keep other
system logs that could be useful in establishing the identities and actions of people, programs and
processes who use the system to breach network or system security. All servers that provide
access to the University network or Internet services must require user authentication in order to
restrict access.
Units that operate publicly accessible computers connected to the University network must
implement safeguards against network abuse appropriate to the network access available to users
of those systems. Data that is considered Confidential or Strictly Confidential, as defined by the
Data Classification Policy, must not be publicly accessible. Administrators of these systems are
responsible to reasonably secure these systems so as to reduce the threat to the University as a
whole.
The owner of a private system (e.g. a desktop system in a faculty member's office) that is
connected to the University network is responsible for ensuring that unauthorized individuals do
not use the system.
Network data transmissions are not secure. Sensitive data should either be encrypted separately
before transmission or a secure network transmission protocol, which provides encryption
automatically, should be used.
User Responsibilities
Each University department that makes use of IT computing equipment connected to the
University network is individually responsible for keeping its workstations secure. At a
minimum, proper security measures include having a current version of anti-virus software
installed and running an operating system that has been recently updated and patched. Some
brand of personal firewall is also recommended. Departments with users of the University’s
Virtual Private Network (VPN) or Wireless Network must implement all three of these security
measures (updated versions of anti-virus, operating system, and a personal firewall).
Departments may elect to require individual users to be responsible for their own machines or to
hire a Local Support Partner (LSP) or other technical support person to assist in fulfilling these
requirements.
4
Network Security Violations
This section details some of the various actions that are a violation of this Network Usage Policy.
However, this is by no means an exhaustive list of those actions to which ISS would respond.
Theft of IP Addresses
Use of a static IP address not authorized by the DHCP unit or an authorized service provider unit
on campus shall be considered theft of said IP address and may result in disconnection and/or
restriction of network access.
The use of intermittent static IP addresses for the purpose of deception is considered a severe
infraction of this policy. Cases involving spoofing will result in a computer security incident case
being filed and escalated for possible disciplinary action, up to and including dismissal.
5
Funding Model
Campus buildings that are served by the campus fiber distribution system will be connected to the
campus backbone via fiber optic cable. When a building is not served by the campus fiber
distribution system and where it would be cost-prohibitive to install, Information Systems and
Services will use the most cost effective medium available to provide connectivity commensurate
with the volume of network traffic expected.
Some campus units are housed in facilities not reached by the campus telecommunications wiring
plant. Information Systems and Services will work with those units to design network
connections to the University network. In such cases, the unit may be charged with costs in
excess of those required of on-campus units. Due to the high cost of running fiber off campus,
most off-campus connections will be provided over telecommunications circuits, possibly at
much slower speeds than Ethernet.
Procedures
Issue Refer to
DHCP Requests http://dhcp.gwu.edu
DNS Requests http://dns.gwu.edu
Data jack installs / Network access E-mail issorder@gwu.edu
Report a Security Violation E-mail abuse@gwu.edu
General networking problem ISS Help Desk (202) 994-5530, opt 2
Securing your workstation Site in development
Download Anti-Virus Software http://helpdesk.gwu.edu/helpdesk/software
GW University Policies
Contacts/Responsibilities
Definitions
(All definitions were taken in whole or in part from http://www.whatis.com.)
6
DNS The Domain Name System (DNS) translates internet domain
names (www.gwu.edu, e.g.) into the corresponding IP addresses
(128.164.127.251, e.g.) for that site.
7
System Computer hardware components that work together and software
components or programs that run in the computer
Related Information
History/Revision Dates