Network Citizenship
Revised 1 April 2019
Purpose
The UCSB Director of Network and Communication Services is charged with the maintenance and administration of the campus network space, and as such must ensure the proper operation and security of systems attached to the campus network. The requirements and processes in this document are intended to describe the minimum network administration responsibilities that accompany the delegation of subnets within the campus network space.
Background
"The Internet is a co-operative endeavor, and its usefulness depends on reasonable behavior from every user, host, and router in the Internet. It follows that people in charge of the components of the Internet must be aware of their responsibilities and attentive to local conditions."
The above statement was written in 1990 in an Internet Engineering Task Force Request For Comments (RFC) describing the basic responsibilities of network managers. In the intervening years, changes in technology, in the way the network is used and abused, and in the legal obligations of those providing network services have created a growing set of challenges to the successful maintenance of an effective Internet and World Wide Web. For the UCSB campus data network to be able to meet institutional goals and responsibilities, the following issues must be addressed.
- The Confidentiality, Integrity, and Availability of the campus network must be maintained. In addition to the efforts required for normal operation, there is an increased need to address the effects of viruses, worms, and other security exploits, both to minimize their disruptive effects and to limit institutional legal liability.
- Access to campus network resources needs to be controllable based on the usage and licensing requirements of those services.
- The source of network traffic must be identifiable (both the source system and the person responsible for that system) to be able to appropriately respond to security compromises and other problems, in addition to limiting institutional liability.
Requirements
To address the above issues, the following requirements and processes will be implemented.
1. All network address allocations ("Subnets"), including existing allocations, are subject to the following conditions.
- a. Network address space allocations are made based upon the request of a department and with consideration of all relevant technical issues, including utilization of allocated space.
- b. The unit requesting the subnet must propose a Network Administrator, authorized and capable of acting in accordance with the requirements described below. Note, in cases of emergency, a Network Administrator may be required to be available during non-standard working hours (See 2.b).
- c. Proposed Network Administrators are subject to Director of Network and Communication Services approval based upon an evaluation of his/her ability to ensure implementation of the requirements.
- d. A network may be without a Network Administrator for up to sixty days during a staffing transition, with further extension subject to approval. In those instances where the Network Administrator responsibilities are not assigned within a timely manner, the subnet allocation may be revoked by the Director of Network and Communication Services with the approval of the Chief Information Officer in accordance with Section 4 below.
2. Network Administrator responsibilities include:
- a. Shared accountability and responsibility for the operation of the subnet and its attached systems. Other individuals may have specific responsibilities as outlined in BFB IS-3 and the Implementation Guidelines for the Electronic Communication Policy (IECP).
- b. Serving as the interface between the unit, network users, and the campus network administration, including the Director of Network and Communication Services, the Network Security Coordinator, and the Network Operations Center staff. As the point of contact for networking issues, routine availability of the Network Administrator can have an impact on the function and availability of a network. This is particularly true under abnormal circumstances, such as a compromised or infected system.
- c. Designating secondary contacts for the subnet. Secondary contacts are optional and may have specific roles, such as security, desktop support, etc., and are recommended to ensure ongoing support when the Network Administrator is not available. Secondary contacts do not obviate the Network Administrator's responsibilities under 2.a above.
- d. Identifying, reporting and correcting known vulnerabilities in a timely manner.
- e. Denying network connections to individual systems or devices based upon:
- Existing vulnerabilities.
- Known compromise(s). Connections may remain online as required for investigation by law enforcement or the campus Network Security Coordinator.
- To maintain proper operation and security of other systems.
- Other incompatibilities with the requirements of this document.
- f. Providing to campus Network Security personnel the specific source system and responsible individual for network traffic observed on the campus backbone, given a date, time, Internet Protocol address, and port number. Identification of source systems must be possible for one month after traffic was sent.
- This has significant implications for use of wireless or NAT, as such systems frequently lack sufficient accounting as required by this section. As with any system, the Network Administrator may deem these systems unsupportable, and thus prohibited from deployment on the network in accordance with 2.e above.
- Data collection performed in an attempt to comply with this requirement must be conducted in accordance with law and UC policies, such as the Electronic Communications Policy and BFB-IS-3, and the IECP.
- The Director of Network and Communication Services may reduce the requirements of this clause (f) for specific systems for a limited duration based upon an evaluation of the risks associated with a well-defined implementation.
- g. Maintaining knowledge of all attached systems and the services they support.
- h. Maintaining knowledge of relevant policies including:
- University of California Electronic Communications Policy (http://policy.ucop.edu/doc/7000470)
- UCSB Electronic Communications Implementing Guidelines (www.policy.ucsb.edu/files/docs/policies/ecp.pdf)
- California Civil Code 1798.82 and 1798.29
- University of California BFB-IS-3 Electronic Information Security and associated standard (https://security.ucop.edu/policies/index.html)
- i. Ensuring compliance with system requirements described in Section 3 below.
- j. Notifying the Network Security Coordinator, security@ucsb.edu, in the event of a known or suspected system compromise.
- k. Notifying the Director of Network and Communication Services in the event the Network Administrator is incapable of fulfilling their responsibilities for any reason.
3. Systems attached to the network must not:
- a. Provide open services that could be exploited to relay communications and make connections from external hosts appear as if they came from the UCSB network (such as open HTTP proxies or open SMTP relays).
- b. Provide services that could be leveraged to perform Denial-Of-Service attacks (for example, misconfigured NTP servers of open DNS resolvers).
4. Network allocations may be revoked by the Director of Network and Communication Services with the approval of the Chief Information Officer due to failure to meet these requirements. This would clearly be a significant and disruptive action, and would not be undertaken without first providing written notice to the Vice Chancellor, Dean, department chair and/or MSO or equivalent. It is the explicit objective to seek correction of deficient network administration rather than disconnection, but disconnection is the only option in the absence of routine and responsive maintenance and administration of networked systems.
Updates
The above requirements are subject to change. Should changes occur, all reasonable efforts will be made to notify Network Administrators continued use of campus network resources constitutes an agreement to comply with the revised requirements.