Search Information Security site

 

Connecting Networking Equipment Standard

Table of Contents

1.  Purpose and Background
2.  Standards
     a) ITS-Managed Wired and Wireless Network
     b) HIT-Managed Wired and Wireless Networks
     c) UVA College at Wise Wired and Wireless Networks
3.  Definitions
4.  Related Links
5.  Exceptions

[Return to Library]

1. Purpose and Background

In order to assure the highest level of service to the users of the University of Virginia's networks, it is critical to preserve their manageability, robustness, and security. Unauthorized networking equipment can disrupt normal network operations through interference or misconfiguration and can provide unauthorized access to the University network.

In order to maintain the integrity and availability of the University’s information technology resources, only Information Technology Services (ITS), Health Information and Technology (HIT), or their authorized designees may attach networking equipment (e.g. routers, switches, wireless access points, DHCP/DNS servers) to the University network or modify University network infrastructure (e.g. building copper and fiber cable plant, outlet wiring) as stated in the Acceptable Use of the University’s Information Technology Resources (IRM-002) policy.

[Table of Contents]

2. Standards

ITS-Managed Wired and Wireless Networks

For the ITS-managed wired and wireless networks, only ITS Network, Telephony & Video Services is authorized to

  • Attach networking equipment, and install and modify network infrastructure,
  • Require removal of non-authorized networking equipment or infrastructure,
  • Designate, following appropriate review and approval, other University affiliates to attach specific networking equipment and infrastructure,
  • Designate, following appropriate review and approval, other University affiliates to install University-owned, leased, managed, controlled, or contracted 2.4 and 5.1 GHz wireless devices, regardless of whether they physically connect to the network, to eliminate or minimize the effect on operations and availability, and
  • Withdraw authorization and/or approval when the equipment is no longer useful, causes any operational or security disruption, or is otherwise deemed inappropriate.

In most circumstances, ITS will not authorize installation of non-ITS networking equipment and infrastructure in areas where it already provides equivalent services; ITS will review requests to fill potential gaps in services. In cases where equipment is being used for a specific teaching or research application, ITS will work with faculty to determine whether there are circumstances under which use of the equipment may still be accommodated without causing problems with University networks.

HIT-Managed Wired and Wireless Networks

Health Information & Technology establishes standards for the acquisition of computing hardware, data storage, software, telecommunications and services.  Only devices, software, and services sourced and acquired in compliance with the Technology Acquisition - Acquisition of IT-Enabled Resources Connecting to Health System Resources policy shall be connected to the UVA Health System Secure Clinical Network.

For the HIT-managed wired and wireless networks, only HIT Networks is authorized to do the following:

  • Attach networking equipment, and install and modify network infrastructure,
  • Require removal of non-authorized networking equipment or infrastructure,
  • Designate, following appropriate review and approval, other University affiliates to attach specific networking equipment and infrastructure,
  • Designate, following appropriate review and approval, other University affiliates to install University-owned, leased, managed, controlled, or contracted 2.4 and 5.1 GHz wireless devices, regardless of whether they physically connect to the network, to eliminate or minimize the effect on operations and availability, and
  • Withdraw authorization and/or approval when the equipment is no longer useful, causes any operational or security disruption, or is otherwise deemed inappropriate.

UVA College at Wise Wired and Wireless Networks

For the Office of Information Technology (OIT)-managed wired and wireless networks, requests for the installation of networking equipment and/infrastructure are initiated at the OIT Helpdesk and authorization granted by OIT.

[Table of Contents]

3. Definitions

For a comprehensive list of the definitions found in the Acceptable Use, Data Protection, Information Security, and Privacy & Confidentiality policies, please click here.

[Table of Contents]

4. Related Links

[Table of Contents]

5. Exceptions

If you think you need to request an exception to these requirements, please refer to the Exceptions Process.

[Table of Contents]

APPROVER: Chief Information Officer

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form