Network Policy
To define the University network and establish operational provisions governing use and operation of the network.
This policy applies to all users directly or virtually connected to the University network under the administrative control of the Lawrence campus, including the Edwards campus.
Principles
The University will adopt a uniform set of standards, installation practices, processes, procedures, and operational criteria in the construction, use, and ongoing management of the University network to ensure its secure, effective and efficient use.
The priorities for the University network are safety, security, economy, reliability, and capability. The University’s goal is to ensure the integrity and stability of the University network, as well as the efficiency and effectiveness of its construction and operation.
Providing a centrally managed enterprise class institution wide network is most effective and efficient method for achieving University’s goals in information transport. This reduces the total cost of ownership to the University and promotes the availability and reliability of its information transport systems for all users. Through central planning and management, the University ensures that the network infrastructure is constructed and operated in an integrated, effective, and efficient manner.
The University network is for the use of the University as a whole and is managed for the benefit of all University users. Therefore, the network is designed and implemented to handle a wide variety of information transport requirements. This network is designed to satisfy most user needs for the transport of information.
General Policy Provisions
- Information Technology will manage and administer the University network through its Information Technology division.
- Use of the University network is governed by the Acceptable Use Policy for electronic resources.
- All physical connections to the University network must be made in accordance with KU’s Telecommunications Wiring Policy.
- All wireless connections to the University network must be made in accordance with, KU’s Wireless Policy.
- All devices connecting to the University network must be centrally registered.
- The configuration and operation of devices connecting to the University network must comply with all applicable University security policies, procedures, and practices.
- The Information Technology Security Office (ITSO) will determine the security specifications and standards for devices connected to the University data network. Devices connected to the University network will be reviewed on a regular basis for the latest operating system and application security patches applicable to that device as well as the latest anti-virus software. Devices not compliant with IT Security Office standards may be disconnected from the University network.
- All devices/users connecting to the University data network through KU’s Virtual Private Network (VPN) must use the centrally-provided service and comply with KU’s VPN Policy. Other VPN services are not allowed. The IT Security Office may implement or utilize additional VPN services to enforce confidentiality and integrity of campus data and assets. Devices connecting via a third-party telecommunications provider contracted by the user or a third-party telecommunications provider’s dial-up connection may be required to meet certain specifications to utilize the University’s VPN service.
- Information Technology will determine the technical specifications, installation practices, standards, and operational criteria for the management and operation of the University network.
- The University data network shall utilize the Internet Engineering Task Force (IETF) open standard suite of protocols collectively known as the Internet Protocol (IP). Vendor proprietary protocols such as AppleTalk, IPX, or any other proprietary protocols will not be routed over the University data network.
- Units/users may not attempt to implement their own network infrastructure or extend the University network without permission from Information Technology. This includes, but is not limited to, basic network devices such as repeators, switches, routers, network firewalls, wireless access points, telephone key systems, CATV splitters or virtual extensions using tunneling technologies such as Virtual Private Networking (VPN) hardware and/or software. Units/users may not offer alternative methods of access to the University network, such as modems.
- Devices connecting to the University’s data network must use the central Dynamic Host Control Protocol server.
- Devices connecting to the University’s data network must use the central Domain Name Service (DNS).
- Units will be responsible for expenses associated with correction of any unauthorized installation, modification, or resulting repair.
- The University recognizes that certain organizations/departments may require their own information transport networks for academic, research, or other special purposes. However ALL networks of this type utilizing any type of transport media (electrical, photonic or wireless) for any information transport need are considered owned by the University and as such fall under the jurisdiction of The University. Implementation of such networks must be coordinated through KU Information Services.
- The Director of IT Physical Infrastructure can make exceptions to the provisions of this policy in accordance with overall network management and reliability requirements and user needs.
Responsibilities of Information Technology
Information Technology responsibilities regarding the University network include but are not limited to:
- monitoring rules, regulations, guidelines, best practices and standards of
- Federal Communications Commission (concerning telecommunications)
- Digital Millennium Copyright Act (DMCA)
- Building Industry Consulting Service International (BICSI)
- Telecommunications Industry Association (TIA)
- Institute of Electrical and Electronics Engineers (IEEE)
- International Telecommunications Union (ITU)
- Internet Engineering Task Force (IETF)
- National Electric Code (NEC)
- National Electric Safety Code (NESC)
- Americans with Disabilities Act (ADA)
- American College and University Telecommunications Association (ACUTA)
- EDUCAUSE
- monitoring the performance of the University network on a 24-by-7 basis and ensuring its reliability.
- ensuring compliance with the University’s privacy practices in relation to network functions. Upon consultation with General Counsel’s Office, the Office of the Vice Provost for Information Services may disclose information obtained in network management or review to law enforcement agencies presenting a validly issued subpoena or court order, and to the University administration upon proper authorization through appropriate administrative channels.
- providing systems to ensure device registration and the disconnection of unregistered devices.
- providing systems for communicating network health and planned maintenance downtime to local technical staff.
- providing local technical staff with appropriate tools to address issues affecting devices.
Responsibilities of the Department
- Departments will appoint a staff member (usually the technical liaison) to be the departmental contact for Information Technology for ordering new service, requesting changes to existing service, and/or reporting maintenance issues.
- The Department shall notify Information Technology of any change in the Department’s contact person.
Any individual who violates this policy may lose computer or network access privileges and may be subject to disciplinary action in accordance with and subject to appropriate University policy and procedures, which may result in a range of sanctions up to and including suspension or dismissal for repeated or serious infractions.
Office of the Chief Information Officer
1001 Sunnyside Avenue
Lawrence, KS 66045
785-864-4999
kucio@ku.edu
The University Network is an infrastructure of electronic and optical distribution hardware, control software, and wired and wireless media. The University network utilizes various technologies to transport voice, video, and data. The University network begins at the point where an end-user device (located on University-owned or leased property, or on KU Endowment property utilized by the University’s Lawrence or Edwards campuses) gains access to this infrastructure and ends at the point where the University network attaches to external non-KU networks.
End-user devices that indirectly connect via a third-party telecommunications provider (a connection made to the KU network via a home broadband or dial up connection for example) are not considered part of the University network.
Two separate network domains comprise the University network: KU-Net and ResNet. Each domain consist of different types of networks including, but not limited to, the University packet switched data network, the University circuit switched voice network, and the University non-switched cable TV (CATV) network. These domains with their constituent network types will henceforth collectively be referred to as The University Network.
KU-Net comprises the networking infrastructure that allows direct connection of end user devices via:
- a wired network path centrally managed by KU Information Technology
- a wireless network path centrally managed by KU Information Technology
- a path provided by a third-party telecommunications provider contracted by KU Information Technology
- a dial-up connection centrally managed by KU Information Technology
Users with direct connections will have a KU-owned IP address, telephone number or other KU owned address descriptor. End-user devices may also have an indirect connection to KU-Net via a third party telecommunications provider contracted by KU Information Technology.
ResNet begins at the point where an end-user device located on University property and managed by the University Housing Department (all residence halls, scholarship halls, and Stouffer Place apartments) gains access to the University network and ends at the point where the network attaches to external non-ResNet networks.
Additional to these two network domains the University network also includes connections that provide service to users under specific special agreements.
User: Any person who utilizes the University network for transmitting and/or receiving information.
Device: Any device that is connected to the University network for the purpose of transmitting and/or receiving information, including but not limited to, computers, printers, servers, telephone instruments, and video equipment such as television sets and conferencing systems.
Connection: The physical point where a direct or virtual path (wired or wireless) is established between a device and the University network.
01/26/2022: Updated contact section.
05/22/2015: Policy formatting cleanup (e.g., bolding, spacing).
09/11/2007: Updated to reflect NTS/IT reorganization of responsibilities.