Security for System Administrators and Local Support Partners (LSPs)

Learn security best practices for protecting Web applications, servers, and workstations. Also, find out about ITS resources that are readily available to help you. If you have questions about training or policies, this site is your launch pad. The contents of this page include: 

Secure Your Servers, Workstations, and Network

Get a preconfigured secure computer

  • Through the Departmental Computing Inititative, Cavalier Computers makes departmental computer purchasing easy. Their knowledgeable sales staff will work with you to get you the computer best suited for your needs. 

Get Security Software 

Configure Firewalls

  • Networks Hardware Firewall Service: ITS's Level III Firewall Service is offered to support customized secure zones within the UVA network. Typically these are for small groups of departmental servers that have specific access requirements which cannot be accommodated on the free UVA More Secure Network.

Get ITS Network Services

  • The More Secure NetworkIf your department is managing sensitive or internal use data, we recommend that devices used by members of your department be secured behind the University's hardware firewall, the More Secure Network. The list of "devices" includes (but is not limited to) desktop computers, laptops, tablets, cameras, audio recorders, smart phones and other mobile devices, as well as servers (including shared drives), printers, copiers, routers, switches, firewall hardware, network-aware devices with embedded electronic systems (i.e. “Internet of Things”), supervisory control and data acquisition (SCADA) and industrial control systems, etc. If your department manages highly sensitive datayou must locate devices behind a hardware firewall configured by a highly skilled IT professional and approved by the UVA Information Security office or the Health Information and Technology office as appropriate. 
  • Netbadge Developer Info for Windows and IIS: Follow the link to access information for developers who need to build or adapt Windows applications to use NetBadge, and IIS Web server administrators who need to work in the NetBadge environment.
  • Netbadge Developer Info for Linux/Apache: Follow the link to access instructions for installing & configuring a Shibboleth SAML service provider for NetBadge single-signon.
  • Network RegistrationITS requires most devices connecting to the University wired and wireless network be registered in ITS’ database. This policy enables ITS to track down compromised or “hacked” machines quickly, minimizing damage done not only to those machines, but also to others on the University network as well. More timely problem resolution means shorter downtimes and shorter periods of degraded network performance for all users at UVA. 

    Log into UVA Network Registration through NetBadge to register a device, or to check and/or update an existing device's registration.

  • Public Key Infrastructure: Follow the link to access instructions for generating and using an openssh key pair (Secure SHell - SSH).

Get Secure Server Administration

  • ITS Windows Server Support (for fee): Whether you need a physical server or a virtual host, Information Technology Services (ITS) has options to accommodate your needs. Let ITS manage your server (and everything that goes along with it) so you can devote your time to other tasks.
  • ITS UNIX Systems Servers Support: Learn how to manage your Home Directory account, including how to recover files and manage groups and file ownership if you are a UNIX group administrator.

Other Tips and Guidelines

Get training

  • GIAC Certified Windows Security Administrator: The GIAC Certified Windows System Administrator (GCWN) certification validates a practitioner's ability to secure Microsoft Windows clients and servers. GCWN certification holders have the knowledge and skills needed to configure and manage the security of Microsoft operating systems and applications, including: PKI, IPSec, Group Policy, AppLocker, DNSSEC, PowerShell, and hardening Windows against malware and persistent adversaries. Follow the link to find out more about and register for the exam or renew a GIAC certification. 
  • School of Continuing and Professional Studies - Certificate in CyberSecurity Management: The online Cybersecurity Management Certificate is ideal for cybersecurity professionals who want to move into leadership, managers who may soon be assigned cybersecurity duties, and career changers who seek entry-level and mid-level positions in the industry. You will learn the essential skills needed to identify cyber threats, devise appropriate defense strategies, develop policy, and plan and conduct assessments. You will also gain familiarity with the ethical, legal, and regulatory environment as it relates to operating in cyberspace.

Have a Securit​y Problem?