Educause Security Discussion mailing list archives

Re: HEOA Question

From: "SCHALIP, MICHAEL" <mschalip () CNM EDU>
Date: Mon, 31 Jan 2011 08:43:55 -0700

As an ex-fed myself - I always wonder about compliance with unfunded mandates like HEOA.  But - aren't the possible 
"responses" such that network logs, etc. just one route?.....do you *have* to do the logging thing?  There are other 
"technology-based deterrents" that could be pursued, right?

(From Educause) "Several sections of the HEOA deal with unauthorized file sharing on campus networks, imposing three 
general requirements on all U.S. colleges and universities:

*An annual disclosure to students describing copyright law and campus policies related to violating copyright law.
*A plan to "effectively combat the unauthorized distribution of copyrighted materials" by users of its network, 
including "the use of one or more technology-based deterrents".
*A plan to "offer alternatives to illegal downloading"."

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Matthew 
Gracie
Sent: Monday, January 31, 2011 7:56 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] HEOA Question

On 01/31/2011 09:44 AM, William Derwostyp wrote:

I need some input.

Here at USM the students are segregated to a wireless network that is
now behind a single address(NAT). This has caused a problem with
responding to RIAA notices as we cannot tie the notice to a specific
user on the network which in turn affect the compliance to the "Higher
Education Opportunity Act" (HEOA).



I am going to assume that there are other universities that use the
NAT process to control traffic on their perimeter and use non-routable
addresses on the internal network. Is there any tool or application I
can use that will help to tie the notices back to the person without
having to go back to public addressing?


If you're using Cisco gear on the edge of the wireless network to handle the NATing, it might be helpful to turn on 
Netflow and send the flow data to a collector. Even an open-source tool like Flowviewer would give you better records 
of which client is passing what kind of traffic; depending on the number of IPs we're talking about, that might be 
sufficient to handle your HEOA demands.


--
Matt Gracie                         (716) 888-8378
Information Security Administrator  graciem () canisius edu<mailto:graciem () canisius edu>
Canisius College ITS                Buffalo, NY
http://www2.canisius.edu/~graciem/graciem_public_key.gpg

--
This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Current thread:

HEOA Question William Derwostyp (Jan 31)
- Re: HEOA Question Matthew Gracie (Jan 31)
  - Re: HEOA Question Eme Ejike (Jan 31)
  - Re: HEOA Question Kevin Wilcox (Jan 31)
  - Re: HEOA Question SCHALIP, MICHAEL (Jan 31)
    - Re: HEOA Question Steve Worona (Feb 01)
- Re: HEOA Question Bulanda, Dave G (Jan 31)
  - Re: HEOA Question Gioia, Matthew P. (Jan 31)
    - Re: HEOA Question Bulanda, Dave G (Jan 31)
    - Re: HEOA Question Harry E Flowers (flowers) (Feb 02)
    - Re: HEOA Question Dave Inman (Feb 03)
- Re: HEOA Question Dexter Caldwell (Jan 31)
  - Re: HEOA Question Cal Frye (Jan 31)
    - Re: HEOA Question Jacobson, Dick (Jan 31)
    - Re: HEOA Question Dexter Caldwell (Jan 31)

(Thread continues...)