Policy on computer deployment

Policy

In order to provide better service and network performance and security, all devices attached to the network (wired or wireless) must be registered with, and certified by, Network and Programming Services (NPS).  The NPS network devices database is used for network authentication, authorization and managing network-related attributes such as bandwidth share.

Guidelines

Campus IT staff has the authority to allow/deny attachment of the device based on its meeting the following criteria: 

·         The device must be registered with and authorized by NPS.

·         The device must be named in accordance with the UW-Superior network naming scheme.  See Network Naming Scheme.

·         If applicable, the device's networking must be configured by an NPS-designated service.  See Networking Configuration.

·         The registration of the device must include information about the person assigned as primary user and/or administrator of the device.  "Server" class systems must have designated systems administrators who are qualified and employed by the University.  They will be responsible and accountable for any security breaches that originate from a system for which they are responsible.  See Device Classification.

·         The device has to meet minimum security standards as defined by NPS.  See Minimum Security Standards.

Procedures

All network-attached device purchases must be approved by the Computing and Media Services (CMS).  Upon delivery, the CMS Helpdesk must be notified to make arrangements for deployment.  All devices must be deployed by IT staff after Programming and Networking Services has recorded the necessary information.  Any devices that do not comply with these policies may be disconnected from the network.  See http://www2.uwsuper.edu/infotech/IITS/Policy/network.htm

Designated "Server" class systems administrators are required to sign a declaration attesting to their awareness and knowledge of the University Information Assurance policies.

Appeal

Please note that under some circumstances, systems that would normally be deemed threatening to network performance, integrity and security may be authorized by NPS in an effort to facilitate the primary campus mission of educating students.

If a department feels that a device has been inappropriately blocked or restricted, it may request a review of the decision by the Chief Information Officer. If, after the review, there is still a disagreement with the decision, it may be further reviewed by the Provost.

Network Naming Scheme

·         Where possible, user computers should be named after the user.

o        jjohnson’s computer would be named jjohnson.

o        If jjohnson has more than one computer, the names should have a number at the end (jjohnson-1, jjohnson-2…).

·         If a computer has more than one regular user, it should be named after the room it is in.

o        A shared computer in Old Main 237 should be named OM237-n, where n makes the computer name unique (OM237-1, OM237-2…)

·         Stand-alone printers should be named after the room and model/type (OM130HP8100, B201COLOR…)

 

Networking Configuration

·         All devices attached to the network must have a name and an Internet Protocol (IP) address.

·         The IP address must be configured by an NPS Dynamic Host Configuration Protocol (DHCP) server.

o        If a static IP address is necessary, NPS will provide one. 

 

Device Classification

·         Server Class

o        Multi-user-attach

o        ...

·         Client Class

o        Single-user

o        ...

 

Minimum Security Standards

·         All devices attached to the network may be scanned for viruses, vulnerabilities, security threats and restricted network services.

·         Certain services will not be allowed without first notifying NPS. 

·         Must have adequate and current virus protection.

·         Must be physically secured to prohibit access by unauthorized personnel.