All computers within the University of Limerick are currently accessible to the world community of users on the Internet. There are a number of groups in this community who attempt to cause damage to computer systems around the world by hacking. The University is being scanned continuously for systems that contain vulnerabilities and therefore available tohackers to attack other systems from (perhaps elsewhere on the internet). The Microsoft operating systems are particular targets for these hackers.
These attacks are of particular concern to the University because :
- hacking of a particular computer may cause the person using the computer to lose data and to have to spend considerable time re-building the operating system.
- once a system within UL is hacked it is then possible for the hacker to launch attacks on any other computers accessible to it on the University network.
- the hacker may launch attacks to other internet sites via this University so causing a reputation problem to the University.
The University has defined security 'zones' on the network with each zone having different levels of security. Higher zones can access lower zones but not vice-versa e.g. Zone 4 may access Zone 3 but Zone 3 cannot access Zone 4. The zones are as follows:
- Zone 1 - Open - has public access from both within the University and to anywhere in the world. It contains those systems that need to be available to the Internet; University public WEB servers, the Library System, Public filestores, Staff and Student email servers and the duplicate MIS systems that students and staff require to access from home.
- Zone 2 - public - this zone contains the student village computers and the public access network connections (including any wireless connections).
- Zone 3 - student - this zone contains the student PC clusters, the Library CD-ROM servers and applications servers containing the software that students are required to use.
- Zone 4 - staff -this zone contains most staff computers, applications and filestore servers required for use by staff
- Zone 5 - closed - the most secure zone with very well defined and logged access. This zone contains the systems that are most important to the continued management of the University, e.g. payroll, HR systems etc.
By default Staff computers are placed in Zone 4. This gives them access to the internet via the proxy servers, denies access to their PC from outside the University or by student PCs and gives access to the necessary University management systems. If such staff want to make their files available outside of the University they must transfer the files to one of the open (zone 1) filestores reserved for this purpose.
Regulations - IT Network Security
Staff wanting to give external access to their own computer may opt to place the computer in zone 1. However this denies them access to other computers within the University. They also agree to abide by the University's System Manager's responsibilities.
Movement of PCs
Each PC is 'bonded' to a particular port on a network switch. The computer cannot be moved to another port on a network switch without the interaction of ITD staff. Consequently staff moving a PC to a different location have to request a change of location via the ITD Service Desk.
The University scans all email for possible viruses and quarantines any suspected files. Both the sender and receiver receive a message regarding any quarantined files. In addition the University does not allow the circulation of the following types of file by email .exe,.vb*,.sch,.scr.
Approved by IT Steering Committee - 28th May 2002
Awaiting Approval by Executive Committee.
University of Limerick.
15th July 2002