|Category||Information & Communications Technology|
|Approved by||Vice-Chancellor, August 2009|
|Date Procedure Took Effect||27 August 2009|
|Last Approved Revision||30 June 2011|
|Sponsor||Director, Information Technology Services|
|Responsible Officer||Manager Network Services Group|
|Review Date||1 June 2013|
The purpose of this Procedure is to establish the means of securely and efficiently connecting to the University Network.
This Procedure applies University-wide.
ITS - Information Technology Services
DNS - Domain Name System
IP - Internet Protocol
RFC - Internet Engineering Task Force documents which codify address protocols.
WWW -World Wide Web
A local area network in use by an institution may be interconnected with the University network by following the procedures presented here. The intent is to make connection possible, secure and easily managed by the institution in question.
(a) The network infrastructure of the institution (client network) must be logically, and possibly physically, distinct from that of the University network, and will only access the campus network via a University supplied and managed demarcation gateway. This demarcation gateway acts as a single controlled point of contact between the University and institutional networks. This single point of contact enables the provision of a number of services, including:
(i) controlled access to services on the University network and global Internet.
(ii) data collection for accounting and traffic flow measurement, potentially to a user level.
(b) All devices on networks directly interconnected with the University network will use University supplied IP addresses and will use IP addresses to name mappings provided by University operated DNS servers. All devices on directly interconnected networks must be registered with the Information Technology Services Service Desk.
(i) institutions requiring control over aspects of network operation such as IP address allocation using an “RFC” address range, or discrete control of access to the global Internet will need to install a second gateway or “firewall” between the University network demarcation point and the remainder of the network within the institution.
(ii) Institutions with their own globally allocated IP address range will generally not be able to “route” or connect this IP address range to the Internet via the University. These restrictions are in part due to the nature of IP address routing on the global Internet and the stipulations of the University Internet service provider. It is also noted that increases in the complexity of the University connection to the Internet tend to reduce the long term reliability of Internet services for all users of the University network.
(c) Access to the internet and other facilities will be at the same costs and rates as apply to other members of the University community. The institution will be granted access to the University WWW proxy and News services as for any University department.
(d) The demarcation gateway system will be part of the University network. It will be owned and managed by ITS. All costs of provision of the gateway system and the management of that system will be met by the client institution. The cost level will depend on the level of service required by the connecting institution. All services will be subject to a Service Level Agreement between the institution and the University.
(e) The computer systems within the institution will need to run appropriate versions of software in order to make use of the connectivity provided by the University. There are restrictions on the network protocols that will be will be permitted to pass through the network demarcation point as per any wider University network security policies.
(f) Unless the institution enters into an agreement with the University for desktop support, there will be no direct desktop support for institutional machines. The institution will be responsible for troubleshooting network connectivity problems on the institution’s side of the demarcation point.