Network Security and Management Standard

1 PURPOSE

The purpose of this standard is to provide acceptable use and security guidance to protect the integrity of the 最快开奖直播搅珠结果 (最快开奖直播搅珠结果) network, mitigate risks, and ensure secure and reliable network access and performance for the community.听


2 SCOPE

This standard applies to all 最快开奖直播搅珠结果 business and academic units and 最快开奖直播搅珠结果-owned information systems that collect, store, process, share, or transmit institutional data. Personally owned devices connecting to the University Campus Network must meet the Bring Your Own Device standard requirements.听


3 STANDARD

3.1 Security

3.1.1听Unless authorized by 最快开奖直播搅珠结果 ET&S Cybersecurity, any software that explores 鈥渟niffs鈥 or probes the network for any reason is strictly prohibited. ET&S tests and investigates all actions or conditions that pose risks to network security and will take corrective and/or protective measures as necessary to ensure the continued proper function of the campus communications networks.听

3.1.2 Any entity identified as a potential unfriendly host is immediately denied access to the campus network and reported to the proper authorities for further investigation and subsequent action.听

3.1.3 ET&S manages and configures the Campus/Enterprise firewalls according to the guidelines contained within this policy. The Firewall Policy shall be reviewed yearly.听

3.1.4 The guest wireless network is available for parents, vendors, and other guests of 最快开奖直播搅珠结果 and shall be utilized in strict adherence to all 最快开奖直播搅珠结果 policies.听听

3.1.5 The guest wireless network cannot directly access any non-public 最快开奖直播搅珠结果 resources. Information about access to the 最快开奖直播搅珠结果 guest wireless can be found at: 听

3.1.6 最快开奖直播搅珠结果 networks shall be physically and logically segmented.听听

3.1.7 最快开奖直播搅珠结果 shall use sandboxes to test new applications that may contain viruses or cause compatibility issues with other systems.听听

3.2 Network Hardware/Software (routers, switches, servers, other network devices)听

3.2.1 The connection of any network device (routers, switches, servers, other network devices) to the campus network without prior knowledge and expressed permission from ET&S is prohibited.听

3.2.2 Although other protocols are not strictly prohibited, the primary protocol supported on the 最快开奖直播搅珠结果 communications networks is TCP/IP using secure encrypted protocols such as HTTP or SFTP.听

3.2.3 ET&S will centrally manage and keep logs for network equipment.听听

3.2.4 Network administrators shall restrict access by the principle of least privilege and, when possible, enable multifactor authentication (MFA).听

3.2.5 最快开奖直播搅珠结果 change management policies shall be followed for all configuration changes.听

3.2.6 Critical security firmware/software patches will be coordinated and applied by the 最快开奖直播搅珠结果 change management policies.听

3.3 Disaster Recovery

ET&S is responsible for maintaining, testing, and continuously improving a plan for recovery of the communications networks in the event of a disaster. Community members can find details in the ET&S Disaster Recovery Plan.听

3.4 Device Registration and Address Allocation听

3.4.1 Users shall register all hosts (computers) on the 最快开奖直播搅珠结果 network using an accurate and unique addressing scheme assigned by ET&S.听

3.4.2听 Users needing help connecting a new device to the campus network should contact the ET&S Help Desk for assistance at /it/need-it-help

3.4.3 Users may request a static address allocation by contacting the ET&S Help Desk. Requests for static addresses or creating a new network will be reviewed and acted upon as appropriate in the best interests of the campus network and the user community at /听

3.4.4 ET&S Networking Group manages domain registrations and follows the 最快开奖直播搅珠结果 format (usnh.edu, keene.edu, plymouth.edu, unh.edu) for domain administration. Any request needs to be approved by ET&S.听

3.4.5 A security scanning audit is periodically performed on all networked devices on the 最快开奖直播搅珠结果 networks to ensure hardening procedures are in place for security purposes.听

3.5 Network Guidelines

The campus communications networks are a limited resource that facilitates the goals and mission of 最快开奖直播搅珠结果.听

3.5.1 Users may not infringe or encroach on the availability or use of the campus network by others. Examples of activities not allowed include (but are not limited to):听

听 3.5.1.1 Using an IP address that has not been assigned or approved by ET&S.听

听 3.5.1.2 Monitoring or 鈥渟niffing鈥 data on the network.听

听 3.5.1.3 Flooding the network, either intentionally or unintentionally.听

听 3.5.1.4 Running a commercial or for-profit service on the network.听

听 3.5.1.5 Registering a system without using usnh.edu or other 最快开奖直播搅珠结果-approved domains.听

听 3.5.1.6 Establishing, enabling, or providing network services that interfere with the regular operation of the campus communications networks or users of the network or create a security risk and exposure.听

听 3.5.1.7 Installing wireless access points, switches, routers, and firewalls (other than software firewalls on their personal devices.听听

3.6 Physical connections

Physical connections to the network will follow industry standards, such as EIA/TIA Standards for cabling, FOA Standard for Fiber Optics cabling, and IEEE 802.11X for wireless connections.听


DOCUMENT HISTORY
  • Approved by: Thomas Nudd, Chief Information Security Officer, January 29, 2022听
  • Reviewed by:听Dr. David Yasenchock, Director Cybersecurity GRC, January 21, 2022
  • Revision History:听听V1.1 April 23, 2024, Cybersecurity GRC Working Group听
    • Revised formatting, K SWEENEY, 30 MAY 2024听