Network Access Compliance Policy

Projects related to getting the campus into compliance with this policy are currently under development or in progress.

Originally Issued:

July 2012

Contacts:

Download Policy Document (PDF)

Policy:

The UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. is divided into publicly accessible and non-publicly accessible areas. SystemsDevices and applications accessed via the network. may be placed on the UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. only in consultation with and with the approval of the Office of Information Technology (OIT). SystemsDevices and applications accessed via the network. in the non-publicly accessible areas of the networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. can be accessed only through methods approved by OIT.

OIT Approved Method for Accessing Non-publicly Accessible Areas of the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices.

VPN Software

Virtual Private NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. (VPN) software allows for a temporary encrypted connection to the networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. from off campus.

Please visit the UNLV VPN information page for instructions on utilizing the UNLV VPN service. 

If the approved method is not meeting your need, please lorita [dot] chesler [at] unlv [dot] edu (subject: Network%20Access%20Policy%20Exception%20Request) (contact the policy owner).


Statement of Purpose:

  • Create a secure networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. environment for UNLV's computerAny university-issued desktop or laptop, listed as property of UNLV/NSHE on the university inventory list, regardless of whether the desktop or laptop is properly labeled or tagged as such. and networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. resources by establishing different levels of networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access to meet the needs of UNLV staff and students as well as the general public.
  • Ensure UNLV is in compliance with the Nevada System of Higher Education (NSHE) guidelines and networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. security best practices.

Entities Affected By Policy:

Entities affected by this policy include UNLV students and employees and anyone who accesses the UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices..


Who Should Read This Policy:

UNLV students and employees and anyone who accesses the UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. should read this policy.


Exceptions:

  • Currently, there are no predefined exceptions to the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance policy
  • Exceptions will be made on a case-by-case basis

To make a request for expanded networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access, please complete the OIT Policy Exception Form.

Exception requests will be processed within 10 business days of receipt of the request.  If an exception is created, the exception will be audited on an annual basis. The owner of the system or a listed designee must respond to the annual audit and verify that the exception is still required.

Upon approval of the exception, OIT staff will work with the requester to establish the parameters for placing their system on the networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices.. To establish appropriate placement on the networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices., the following information will need to be provided and/or developed:

  • Technical documents that detail the networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. protocols and services provided by the system
  • Beginning/end dates and hours of operation of the system
  • Topology diagrams showing interconnects with the UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices., the Internet, and other private networks
  • A risk mitigation and audit plan to protect sensitive dataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. and preserve the integrity of the UNLV networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices.
  • Designation of primary and secondary points of contact who will respond to changes or problems related to the system

Exceptions will be reviewed annually.

Changes to the exception may only be requested by the system ownerA full-time UNLV employee who is responsible for the system, knows the function(s) of the system, authorizes access, knows who the data owners are, and understands what data the system stores, processes, or transmits. or a documented designee appointed by the owner.


Frequently Asked Questions:

What is the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy?

The policy requires that all networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. connected devices at UNLV be protected from the internet by firewalls or other networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. security mechanisms. Devices which require inbound access from the internet such as servers should be located in a DataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. Center. All other networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. systemsDevices and applications accessed via the network. such as desktop computersAny university-issued desktop or laptop, listed as property of UNLV/NSHE on the university inventory list, regardless of whether the desktop or laptop is properly labeled or tagged as such., printers, mobile devices  etc. will not be allowed to act as servers or receive direct inbound connections from the public internet. 

Why is the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy being implemented?

The policy is being implemented as a result of guidance provided through the NSHE Security Audit conducted in the Spring of 2011. The security audit directs UNLV to adhere to the NSHE Procedures and Guidelines manual (PGM) chapter 14 Section 3.3.  Providing a firewall between networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. devices and the public internet is also a best practice procedure by the National Institute of Standards and Technology.

How will the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy affect my daily work at UNLV?

Most UNLV staff and students will not need to take any action and may not be aware of this policy. If you are operating a server or trying to reach your desktop computerAny university-issued desktop or laptop, listed as property of UNLV/NSHE on the university inventory list, regardless of whether the desktop or laptop is properly labeled or tagged as such. from home or another remote location you may need to take action as described in the sections below.

How do I connect to my UNLV desktop computerAny university-issued desktop or laptop, listed as property of UNLV/NSHE on the university inventory list, regardless of whether the desktop or laptop is properly labeled or tagged as such. from home or another remote location if it is behind the campus firewall?

UNLV provides a Virtual Private NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. (VPN) for this purpose. The VPN allows you to connect from a remote location to the campus. The VPN client works with Windows, Mac, Android and iPhone. You can learn more here: https://oit.unlv.edu/vpn

I manage a server which is located in my office. My department uses this server to improve our productivity. We need to connect to this server from the internet and around campus. Will the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy prevent us from connecting to this server?

Access from the internet to this server will be restricted by the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy. OIT staff can work with you on moving your server into a managed dataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. center. Once the server is in a dataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. center, we can make exceptions to networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access rules so your server can be reached from the internet and from campus locations as necessary. The dataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. center will also provide many other benefits such as redundant power and cooling systemsDevices and applications accessed via the network., physical security, monitoring and easy remote access options. You can learn more here: https://oit.unlv.edu/network-and-security/data-centers

I need to manage my own internet connection or maintain my own firewall. I do not want my networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access filtered by the campus firewall. What options do I have?

Generally this approach is not necessary as UNLV can pass dataThe observations and information collected or accessed during the performance of services, including protected information and images with a reasonable expectation of privacy. to you through the campus firewall without blocking any protocols. However, if you request and receive approval for an unfiltered networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. connection, you will be provided with networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. addressing and networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. connectivity. Please note that this type of networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. service will be positioned outside of the security perimeter of the campus. With this configuration, your security relationship to UNLV internal resources will be similar to any other internet user. For example, connectivity to private networks, internal servers and services will not be available.

I have a research project which requires custom networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access and may conflict with the NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy. Will this policy limit my research activity?

The NetworkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. Access Compliance Policy is not intended to limit research or academic activities. A simple process has been developed to help you request an exception to the policy. Once you complete the web-form linked below, an OIT staff member will review the request and work with you to configure your networkAn underlying infrastructure of cabling, equipment, and management software that electronically transmits and directs the flow of information among devices. access.

OIT Policy Exception Form

We are working with a vendor who needs to connect to a computerAny university-issued desktop or laptop, listed as property of UNLV/NSHE on the university inventory list, regardless of whether the desktop or laptop is properly labeled or tagged as such. system at UNLV from the vendor’s remote location. How do we allow the vendor remote access to manage or support our systemsDevices and applications accessed via the network.?

Many vendor solutions can be supported by the UNLV VPN service.

https://oit.unlv.edu/vpn

 If the VPN service does not meet the requirements of the system, please complete the exception form below and an OIT staff member will be in contact to assist you with reviewing your requirements and designing a solution which meets your needs. 

OIT Policy Exception Form