Allocation and maintenance of the University's Class B domain 169.226.xx.xxx shall be made pursuant to the following standards and guidelines:
There will be one central Domain Naming Service (DNS) for the entire University at Albany maintained by the Office of the CIO.
The Office of the CIO or designee may assign ranges of IP addresses (subnets) within the 169.226 domain to organizational units of the University. Subnet owners agree to assign and manage addresses in compliance with these guidelines and any others that may be issued. Subnet owners agree to demonstrate and maintain the required technical expertise to manage their subnets.
Devices (servers, personal computers, laptops, hand-helds, etc) are connected to the network by assignment of an Internet Protocol (IP) address. Address assignment is made pursuant to registration of a device by an authorized member of the UA community. Typically, the authorized member is an IT technical support provider (subnet manager) or an authorized UA user. NetReg is the system-of-record for device registration and IP address assignment.
Dynamic Host Configuration Protocol (DHCP) is the default method of address assignment, excluding those subnets that are entirely made up of servers (e.g. 1 and 63).
All devices connected to the network shall have a single media access control address (mac address) per Ethernet card. Hubs, routers, switches and wireless access points not authorized by the Office of the CIO are expressly forbidden.
Devices connecting to the UA network must meet the following requirements:
- current level of operating system (OS) updates, patches and fixes
- be free of viruses, worm, infection or equivalent program that could cause harm to the network or other users
- current anti-virus program with up-to-date definition files
Registering devices that do not meet these criteria is strictly forbidden.
Technical Coordinators (TC) may register devices on behalf of faculty, staff and students provided the user's name is entered appropriately in Netreg. The registrant serves as the point of contact for any questions regarding network traffic originating from a device registered by them.
Hard-coded IP addresses within the subnet (DHCP) range can be entered for servers only, provided there is such a notation in the University Network Registration (Netreg) comment field.
Static IP numbers within the DHCP range may be used to register desktop computers and printers.
Departmental firewalls and/or NAT devices may be installed with the assistance and approval of the Office of the CIO or designee. Configuration and maintenance of departmental firewalls is the responsibility of the department. However, all NATted or firewalled systems must still be accounted for in NetReg.
Devices connected to the UA network are subject to periodic scanning for known vulnerabilities.
The Office of the CIO reserves the right to suspend the network access of any device connected to the network that represents a security threat, impedes the functioning of the network as a community resource, or is non-compliant with regulatory or legal requirements. Such suspension shall include notification to the registered user.
Next scheduled review: January 09