Educause Security Discussion mailing list archives

Re: Policy regarding servers on the network

From: Brian Viscuso <bviscuso () UWF EDU>
Date: Mon, 25 Apr 2005 09:59:10 -0500

A DMZ is good way to handle it, but is there a policy or document that
spells that out for the campus or other server admins? Do they even know
they are in a DMZ? And what if they want the server inside a firewalled
or 'protected' area of the network?
 
Sorry for all the questions... As you can see I am looking for a more
political based answer than technical one.
 
Thanks for the feedback - Brian
______________________________________
 
Brian Viscuso
Director for Systems Engineering
Information Technology Services
University of West Florida
11000 University Parkway
Pensacola, Florida 32514
(850) 474-3453 wk.
bviscuso () uwf edu
______________________________________
 

  _____  

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Lucas, Bryan
Sent: Monday, April 25, 2005 9:35 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Policy regarding servers on the network



Define server, that's the problem.

 

Seriously though, in theory anything that is we consider a rogue goes
into its own DMZ. 

 

Bryan Lucas

Server Administrator

Texas Christian University

(817) 257-6971

  _____  

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brian Viscuso
Sent: Monday, April 25, 2005 9:09 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Policy regarding servers on the network

 

I am curious to see if or how many institutions have a specific policy
that regulates how servers are put on the network? And, do you have a
formal request system in place for getting these servers on-line? We are
working on formulating a policy for college/departmental servers on our
network in an effort to 'corral' rouge servers and tighten up our
network traffic going to these servers. We aren't saying they can't have
them, we just want to know about them in advance and make sure they are
compliant with common security standards. If anybody out there has
something similar in place I would be interested in seeing their policy
or implementation.

 

Many thanks in advance.

 

- Brian

______________________________________

 

Brian Viscuso

Director for Systems Engineering

Information Technology Services

University of West Florida

11000 University Parkway

Pensacola, Florida 32514

(850) 474-3453 wk.

bviscuso () uwf edu

______________________________________

********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/. ********** Participation and
subscription information for this EDUCAUSE Discussion Group discussion
list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Policy regarding servers on the network Brian Viscuso (Apr 25)
- <Possible follow-ups>
- Re: Policy regarding servers on the network Lucas, Bryan (Apr 25)
- Re: Policy regarding servers on the network Brian Viscuso (Apr 25)
- Re: Policy regarding servers on the network Steve Schuster (Apr 25)
- Re: Policy regarding servers on the network Gary Dobbins (Apr 25)
- Re: Policy regarding servers on the network Tim Howard (Apr 25)
- Re: Policy regarding servers on the network Darnell Walker (Apr 25)
- Re: Policy regarding servers on the network Mark Borrie (Apr 25)