Network Connection Policy

This document covers the policy regarding the connection of computers to the University of Florida Department of Astronomy computing network. It covers computers managed by the Astronomy System Staff, self-managed computers, special policies in regards to the Instrumentation Lab, software policy, enforcement, and incident response.

I. Acceptable Use
II. Statement of Liability
III. Software Licensing
IV. Computers Managed by Astronomy System Staff
V. Computers Managed by Others
VI. Instrumentation Lab
VII. Enforcement & Incident Response
VIII. Modification of Terms

Acceptable Use

The Department of Astronomy provides network access for instructional and research use by the faculty, staff, and students working within the unit. All users taking advantage of these resources must comply with the University of Florida Acceptable Use Policy.

Although the department provides computer workstations for use, users are allowed to bring in their own computer equipment, such as personal owned laptops. This policy applies to all computing & networking devices connected to the Astronomy network, regardless of ownership.

By using any device connected to the department network, the user agrees to the terms of this policy.

Access to this resource is a privilege, and may be terminated if used in violation of these policies.

Liability

Neither the University of Florida, nor the Department of Astronomy system staff will be held liable for any damages or loss of productivity resulting from network access, revocation of network access, and/or confiscation of equipment as part of an investigation or inquiry. The user of the device may be liable for any damages and/or reported to authorities including the University Security Team, the University Police and/or Student Honor Court, resulting from illegal use of the department network.

Software Licensing

All users of university owned computing equipment must comply with the terms of software licenses in accordance with state law and university policy.

The University of Florida has negotiated site licenses for various products including Microsoft Office, McAfee Virus Protection, and others. Additionally, the University of Florida has purchased bulk licenses for products such as Adobe Acrobat, thus making them available at a reduced rate. Most of the software products are available from the University of Florida Soda Shop. If you need to order software from the Soda Shop, the system staff will place your order; send an email request to admin at astro.ufl.edu.

Just because a user may have the software media on CD-ROM, they should not assume that they have a license, or right, to use the software. If in doubt, please contact the Astronomy System Staff at admin at astro.ufl.edu.

A Note About Microsoft

The University of Florida has entered into a site license with Microsoft. The site license covers the Microsoft Office product and upgrades to Microsoft Windows. It does not cover any other Microsoft product.

The campus agreement also covers use on home computers for all staff members. This includes faculty and graduate assistants that receive a paycheck from the University of Florida. While you are on the University Payroll, you may use products that are covered by the agreement on your home computer. Faculty that are on nine month appointments may use the software throughout the course of the year.

Products not covered include: Visio, Frontpage, Project, and Virtual PC. Users of these products need to purchase adequate licenses to cover their use.

The campus agreement has been signed for a three-year period, expiring on October 17, 2007. For more information on the campus agreement, please visit the Campus Site License Agreement Web-site.

Computers Managed by Astronomy System Staff

System staff manage computers running Solaris, Linux, Windows, and Macintosh operating systems. Departmental system staff will maintain operating system patches and anti-virus definitions for devices they manage. Application of patches and software updates may be performed as part of a regularly scheduled process, such as Windows Update.

In the event that a computer managed by the system staff has suffered system software corruption, been infected with a virus, or otherwise become disabled or unusable, the system staff will provide a best effort at protecting the data integrity of the machine while maintaining network connectivity. However, under some circumstances it may be necessary to remove the device from the network and re-image the unit; in the event that the device must be re-imaged, a backup of the data will be made prior to the re-imaging, and restored once the device has had the operating system restored and all patches applied.

Computers Managed by Others

Computers managed by others, or self-managed devices, include personally owned machines including laptops, and machines that are owned by the department but managed by the primary user instead of the departmental system staff. The department system staff typically do not have administrative access on these devices. Operators of these self-managed devices must comply with the University of Florida Security Policy. All self-managed devices must be registered with the system staff before they can connect to the Astronomy network. To register a device, send an email to admin at astro.ufl.edu.

In agreement to the University of Florida Security Policy, the operator who manages a self-managed device will maintain security patches and updates on the device, or risk losing network access.

Because system staff lack administrative access to these self-managed devices, there is limited help that they can provide in resolving technical problems with these devices. Although the system staff will make their best attempt at helping to troubleshoot a self-managed device that is "acting up," the system staff may not be able to resolve the problem.

System staff are not responsible for installing and maintaining software on self-managed devices, although the system staff may choose to help users with software installation and configuration if they have free time. For example, system staff have been known to assist users with configuring their personal laptops, however the system staff are not responsible for performing these duties.

Any self-managed device that causes a disruption of the department network will be removed from the network until the cause of the disruption has been corrected; the system staff will make attempts to notify the primary user after the machine has been disconnected from the network.

Any notification that the system staff receive from the University Security Team about a self-managed device that has disrupted the campus network, or is engaged in illegal activity, may result in the device being permanently banned from the department network.

Because computers managed by the system staff need to be connected to the network in order to get security updates, users should never unplug a departmental computer in order to connect their own device to the network. Any user caught unplugging departmental computers may have their network access suspended.

Exceptions: Some machines are co-managed by the system staff and the primary user. Under these unique circumstances, the policy regarding Computers Managed by Astronomy System Staff applies.

Instrumentation Lab

Although the instrumentation lab is connected to the Astronomy network, they have special needs which this policy will attempt to address.

Most of the machines within the instrumentation lab are self-managed machines, and as such the policy regarding Computers Managed by Others applies with the following exceptions:

Private Non-Routed Network

Firewall - Due to the requirements of the instrumentation lab, a firewall has been established which blocks all incoming traffic to machines physically residing within the lab. The department system staff manage and maintain the firewall, and will update the firewall rules to allow external collaborators access to instrumentation lab equipment. Currently, access is granted through the firewall via the Astronomy VPN managed by Network Services, and from all other hosts residing on the Astronomy network.

Software Patches - Due to the intricacies and interaction of certain software packages, such as embedded compilers which require Windows NT 4.0, when certain operating system patches may adversely affect the operation of a device, those instrumentation lab computers are exempt from the requirement regarding software patches. However, all devices which can be patched, should be patched.

If a device residing within the instrumentation lab is managed by the department system staff, it will be treated like all other computers managed by astronomy system staff. If the machine is re-imaged by instrumentation lab staff, then the device will no longer be treated like a department managed device, and this policy will apply.

Devices residing within the instrumentation lab that are disruptive to the departmental network will be isolated from the rest of the department through rule changes on the firewall, thus allowing those devices to continue communicating with other devices residing inside of the instrumentation lab. Devices residing within the instrumentation lab that are disruptive to the outside network, both the University of Florida network and the internet at large, will be removed from the network, and notification will be sent to the device manager.

Enforcement & Incident Response

The Department of Astronomy provides access to network resources for various different research groups. To prevent misuse from disrupting operations and affecting other users, system staff or another designated agent, may disconnect and/or confiscate any device suspected of violating this policy, state and federal law, and/or the University of Florida Acceptable Use Policy.

Modification of Terms

The University of Florida and/or the Department of Astronomy may change the terms of this agreement at its discretion. Major changes to this policy will be announced and posted on the Astronomy IT Web-Site. It is the computer users responsibility to stay informed of any changes to this agreement.