Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

These zones can vary significantly in how they are trusted: from networks trusted little more than the general Internet to networks that require stringent vetting and auditing. Most networks are public, but some are very isolated and not even routed. The common requirements across all zones are only that systems follow University security policies and that the Security and Networking teams can quickly identify the location and responsible party for all hosts on our networks.

Auditing

...

Governance

Policy Application

For the purposes of this document, production systems are defined as any system, to include allocated systems, intended to provide reliable computational and/or data services to a networked constituency. These systems include not only “customer facing” hosts, such as web servers, file servers, login nodes, etc., but also the infrastructure required to support these systems, such as backend database servers, backup and storage systems, authentication servers, etc.

NCSA IT Operations Board

The leaders of ADS (Advanced Digital Services), ITS (Information Technology Systems), and Security are responsible for application of this policy. These three groups are the service providers of infrastructure at NCSA and meet regularly to discuss security issues and strategy for providing better services.

Audit

The Security Team is responsible to ensure regular auditing of this policy and automates this when possible. However, responsible does not always mean executing every audit on their own. This is a group endeavor among all the NCSA service providers and requires coordination and cooperation between ADS, ITS and Security.

Enforcement

Violations of this policy may result in immediate disconnection of systems by the Security Team, especially in critical and sensitive zones. Failure to obtain prior approval for installations based on zone policies or attempts to circumvent these policies will be reported to senior management at the NCSA.

...