3/5/2013 – A recent security incident at Evernote allowed attackers... Read More
Campus Network Infrastructure Policy Statement
Beginning in the Summer of 2000, the Office of Information Technology (OIT) will begin a project to rebuild the campus networking infrastructure in order to meet ever-expanding current and future technology requirements of the University community. This project will involve rewiring and replacing equipment to provide a state of the art network that will provide the fastest possible network access to all faculty and staff offices, classrooms, and student labs on campus. Specifically, the objective is to design, build, and maintain a network infrastructure consisting of a Gigabit Ethernet campus backbone with dedicated, switched Fast Ethernet (100 megabit) connections to every desktop.
A major aspect of this project will be the conversion to a “utility model” – an environment in which the network infrastructure is treated as a campus utility with all wiring and supporting electronics supplied and maintained by the Office of Information Technology. The conversion to this “utility model” will provide a standard infrastructure implementation that will be easier to maintain and more reliable than the current model. It will also be more immune to problems caused by staff turnover and will be able to take full advantage of a common set of spare parts. And, it allows the network to be easily upgraded as further advances in networking present themselves.
It is expected that this project will take a minimum of five years to be completed. As the network infrastructure in a building is reworked, control of that infrastructure will become the responsibility of OIT. Until that time, divisions will be expected to continue to operate original infrastructure components as in the past.
In order to provide an optimum network infrastructure to all faculty, staff, and students, the standards and policies outlined below will be followed:
1. General Principles:
1.1 The entire infrastructure of the campus network will be under the control of OIT.
1.2 All necessary network infrastructure components will be funded centrally. This includes wiring, switches, and routers. This does not include workstations, printers, or file, print, or application servers.
1.3 The terms of this policy cover all wiring and electronic devices from the wall outlet inward to the campus core network. In addition, certain devices outside of the wall-outlet-to-core region (e.g., divisional dial-in servers) are also subject to some restrictions.
1.4 A customized network infrastructure plan will be presented to each division before work is begun. This plan will serve as the blueprint for the division’s network upgrade. Work will not be started in an area until a plan that is acceptable to the division and OIT has been approved.
1.5 The standards proposed here will be periodically reviewed to ensure that current “best industry practices” are followed. Items for future consideration will be wireless networks and fiber to the desktop. A division may request a review of current Campus Network Infrastructure Policy specifications at any time.
1.6 The Office of Engineering Services (previously known as the Office of Design and Construction) understands the importance of the campus data communications network. This office has agreed to contact OIT for design information for all renovations and new buildings on campus. Of course, this information cannot be provided without input from the occupying division on items such as space utilization.
1.7 As in the past, when renovating an area or when constructing new buildings, funding for all data and network wiring and all network electronics is expected to be provided by the renovation or construction budget. Central funding is not available for these projects.
1.8 The departments of Telecommunication and Enterprise Technology will have primary responsibility for performing the tasks assigned to OIT.
2.1 Installation and maintenance of all wiring is the sole responsibility of OIT. Wiring will not be installed by divisional faculty, staff, or students. Wiring will not be installed by third party contractors hired by the division without the express consent of, and under the direct supervision of, OIT.
2.2 All new wiring installations will consist of two Category 5E wires to each location except for lab locations.
2.3 Existing Category 5 wire will be reused, where possible, and brought into full Category 5 compliance.
2.4 All wiring will be certified as Category 5 or Category 5E compliant as it is installed or reworked.
2.5 All wiring will utilize industry standard 110 patch panel termination in the wiring closets.
2.6 All wiring will utilize industry standard Category 5 or Category 5E wall outlets.
2.7 All wiring will be properly labeled.
2.8 As buildings are rewired, at least two network outlets will be placed in every classroom.
2.9 As buildings are rewired, student labs will also be reworked.
2.10 In some areas adequate space for data communications closets must be acquired. Given the critical nature of the equipment located in these areas, this space must be dedicated to use by data communications and telephone equipment. The space must not be used for housekeeping, storage space, or for any other use. Dedicated, secure communications closets are critical to the physical security of the campus network.
2.11 It is the responsibility of the school, department, or division to provide appropriate space for the data communications closet. The required size of the closet varies based on the size of the building. Generally, a closet in the 100-120 square foot range is required for a fairly large building while only 60-80 square feet is required for smaller buildings. Although typically only one closet is required for a building, particularly large buildings may require multiple closets. It is also the responsibility of the school, department, or division to ensure that the data communications closet is adequately cooled. Cooling to a maximum temperature of 85 degrees is required, and a maximum temperature of 75 degrees is preferred. The temperature should not get colder than 50 degrees. Relative humidity should be maintained in the range from 30 to 80%. OIT will bear the expense of acquiring adequate power to the closet.
2.12 Locks will be changed on all data communications closets to discourage other use of this space and to discourage unauthorized personnel from making wiring changes.
2.13 The Department of Telecommunication is prepared to install data communications wiring with the same priority it gives to installing telephones. That is, it will not be done on an as-time-is-available basis. A new procedure to request new data communications outlets has been put in place. The new procedure is similar to the current procedure for requesting telephone installations. This should streamline the process and provide quicker installation service.
2.14 A common point of contact in Telecommunications has already been established for accepting wiring requests. Requests for new wiring as well as for the activation or deactivation of connections using existing wiring should be submitted via the Web here. Click on Requests for Service then go to Network Requests. From there you can review the status of outstanding requests or submit a new work order.
2.15 Requests for assistance with the setup and use of PCs or other workstations should be directed to the Network and Computing Support IT Service Desk (firstname.lastname@example.org; (205) 348-5555; Box 870346).
3. Connections Provided:
3.1 All data outlets will provide switched 10/100 Mbps Ethernet to the end user.
3.2 Gigabit Ethernet links will be provided from wiring closet switches to central building switches. These building switches will then have Gigabit Ethernet links to a central, divisional network switch or router. (Note that the term “divisional network switch or router” does not imply that the switch or router will be owned or managed by the division, only that all network traffic for the division will be aggregated at this device prior to being directed to its final destination.) Additional fiber optic cable will be installed as necessary to provide these inter- and intra-building links.
3.3 A Gigabit Ethernet link will be provided from the divisional network switch or router to the campus backbone switch/router via the University’s fiber optic cable plant.
3.4 Multiple Gigabit Ethernet links will be provided as required.
3.5 Future infrastructure upgrades will be implemented as they become available and as the necessity for them becomes apparent.
4. Monitoring and Repair of Defective Components:
4.1 OIT will monitor all routers, switches, hubs, and other active network infrastructure components. This will allow for quick problem detection and repair or replacement of failing devices.
4.2 After hours building access must be provided to selected Office of Information Technology personnel so that failing components can be quickly repaired or replaced.
4.3 If the division wishes for OIT to also monitor devices that are critical to their network operations (e.g., file, print, e-mail, or Web servers), OIT will do so as long as a person is designated by the division as the contact when a failure is detected.
4.4 A common point of contact for reporting all network infrastructure problems has been established at OIT. The IT Service Desk should be contacted during normal University business hours at (205) 348-5555 or via e-mail to email@example.com. After hours calls should be directed to OIT Operations at 348-3997. These groups will contact the appropriate network personnel to resolve the problem in a timely fashion.
5. Device Connections:
5.1 Users will not be allowed to install switches, hubs, routers, or any other active or passive network device other than a personal workstation, printer, or a file, print, or applications server.
5.2 No device may be connected that presents itself as multiple, concurrent IP addresses without the express consent of OIT. This includes, but is not limited to, routers, switches, hubs, and wireless access points.
5.3 Users may not contract with any non-University entity to install restricted devices.
5.4 All area networks will be directly attached to the area core router or switch. No devices such as Novell NetWare servers, Microsoft Windows servers or workstations, or UNIX machines will be allowed to route or bridge network packets.
5.5 No traffic will be routed outside of the area except for IP and IPX packets. Other protocols, e.g. AppleTalk, will not be routed onto the campus backbone network.
5.6 Connections may not be made to any agency that is outside of the division without the express consent of OIT. This restriction is due to the high potential risk for security problems. This restriction applies to connections to commercial enterprises such as Internet Service Providers (ISPs) and to companies that provide a direct service to the University (e.g., a link from the University Library System to the Online Computer Library Center [OCLC] that is used for cataloging books). It also applies to connections that might be provided to other University personnel that are not under the direct control of the division.
6. Related Services:
6.1 OIT will assume the management of IP address management if desired. This will be done via Dynamic Host Configuration Protocol (DHCP) with static IP addresses assigned as necessary for such things as file servers. If the division desires to continue to manage its own IP address pool, that is also quite acceptable.
6.2 OIT will attempt to satisfy all requests for special network topologies that are needed for research or teaching. This may involve the construction of a private network or one based on a protocol such as ATM. Or, it may involve the implementation of VLANs.
7. Single Point of Contact:
7.1 Each division should designate a single person to coordinate all network infrastructure design and implementation with OIT.
This model will ensure a consistent, modern, manageable, cost effective network that spans all areas of the campus and provides equal access to all divisions. Adherence to a common standard will be insured. By utilizing a limited variety of devices, OIT can repair or replace failing electronics promptly and consistently. OIT will keep spares on hand and will keep all networking hardware and software under maintenance contracts. Using common equipment will also ease troubleshooting, since staffers responsible for this effort will not be presented with a confusing collection of device connection schemes.
Out of this new model of network infrastructure implementation, control, and management, The University of Alabama network user community will acquire a stable, state-of-the-art network suitable for any application currently imaginable, and a network that will be maintained and upgraded as future technologies present themselves.