Server Policy

Background

It is often desirable to attach departmental or application specific servers to CSU-Pueblo.Net, the campus network. This provides the server with access to network resources such as software, printers, and Internet resources. Because of the nature of current technology, the attachment of a server to an Ethernet network can have an impact on other users on the rest of the network. This impact may be in the form of performance, security, or in some cases access to other resources. Causes include a myriad of reasons ranging from software incompatibilities to power outages. The purpose of this policy is to protect the users and the integrity of the network.

Policy Statement

CSU-Pueblo departments, schools, or other University organizational units may connect their own servers to the campus backbone under the following conditions.

  • The administrative head of the organizational unit (department chair, etc) must provide Information Technology Services with a written notice at least 48 hours prior to connecting a server to the backbone. The request is to include the following information:
    The date and time the connection is to be made. 

    The physical location of the server.

    The identity of the wall jack used. 

    The name and phone number of the administrative contact. 

    The name and phone numbers (day and night) of the technical contact. 

    The hardware configuration of the server (brand name, model number, Ethernet address, type and version of network operating system) 
    • The requesting unit is responsible for maintaining server software to be compliant with licensing and copyright laws.
    • The requesting unit is responsible for all maintenance on the server, including hardware, software, upgrades, accounts, backups, security, etc. The same responsibilities apply to any special client modifications to systems owned by the requesting unit.
    • Service to the entire campus community is the priority. A single workstation or server can occasionally cause the entire network or a portion of it to lock up or perform in an erratic or otherwise non-productive manner. In these cases, the good of the many will outweigh the good of the few and the device or segment in question will be logically or physically disconnected from the network until the problem can be resolved. Because networking implies several users sharing portions of the backbone, some users whose functions are totally unrelated to the server in question could be affected. Every effort will be made to minimize the impact of any action taken. This same philosophy will be applied in cases where electronic information appears to be in danger of compromise. This would include but not be limited to: data files, e-mail, software, and operating systems.
    • The central system (backbone and campus servers) will not be altered to accommodate functions unique to an individual server. Only standard interfaces will be employed.
    • No server will provide Domain Name Service (DNS) except those operated by Information Technology Services.
    • Only IP protocol will be provided and maintained on the backbone. All IP addresses will be issued by Information Technology Services. No bogus or self-generated numbers may be used.
    • Electronic mail for the campus will be centralized. The purpose of this is to present a consistent address format to the outside world for the institution and to establish common functionality internally.
    • Firewall, packet filtering, or other security implementation may alter accessibility to the server from both on and off campus. Information Technology Services will work with requesting departments to accommodate accessibility in the best way possible. If accessibility to the server creates a "back door" security risk, or presents a compromise from the network perspective, network integrity will take precedence.

      (Approved by Provost 3/98)