School of Engineering Policy on Client Machine Administration (Draft)
General Policy:
ENGR network connections for faculty, staff and student managed machines are supported. The client machine administrator assumes responsibility for their machine. Client machines not in compliance with following guidelines or otherwise causing possible threats, danger or disruption to the ENGR network may be immediately disconnected without notice.
Client Machine Administration Guidelines:
Operating Systems (OS) patches/updates must be kept current
Older OS versions may be denied access
Virus protection patches/updates must be kept current
Major application package security patches/updates must be kept current
File and print sharing is to be disabled
You are required to normally operate as a non-privledged user on the client machine
Create regular user account for normal activities
Use administrator/superuser only for system maintenance
Must have user authentication to access client machine
Must have a screen lock with a password for unlocking
ENGR Network Guidelines:
One data jack is connected to one machine only
Network jacks cannot be "shared"
Repeaters/hubs/switches are not allowed
Client machines cannot act as a router
Wireless AP may not be connected to a network jack
Physical Security
Room housing machine should be locked when not in use
Additional cable lock might be required in rooms with public access
Unnecessary Server or Client Processes
Server processes such as ftp, telnet, web or email are not allowed
If enabled by default by your OS, they will need to be shut off
