MUSC Campus Network Standards: Network Layer
Requirements for network connectivity
- Authorized users of the network
MUSC faculty, staff and students are the only persons authorized to connect computing and/or communication devices to MUSC's campus network. A device may be connected by one of these authorized users if and only if the device has been configured, and will be maintained and operated, in accordance with the minimum standards described in this document. Visitors and guests on the MUSC campus, including vendors and contractors, may not connect any device to the MUSC network without explicit authorization from a member of the MUSC faculty or staff.
- Accountability for each connected device
No device may be connected to MUSC's campus network unless an identified person will be responsible for ensuring that the device is configured, maintained and operated in accordance with the minimum standards described in this document. For any device connected by an MUSC faculty or staff member, or by an MUSC student, the individual who connects the device is by default the person who is held accountable for the device. For any device connected to the network by a visitor or guest, with authorization from a member of the MUSC faculty or staff, the authorizing faculty or staff member is by default the person who is held accountable for the device.
- Requirements for each connected device
MUSC may deny network connectivity to any device that does not meet the minimum standards described in this document. MUSC may remove (disconnect or quarantine) any device from the network, in the event that the device is interfering with other devices or resources on the network, or the device's presence on the network creates unacceptable security risks for MUSC.
Before any device may be connected to the network, the person accountable for its connection to the network must ensure that the device itself is protected against any reasonably anticipated security threats. In addition, he is responsible for ensuring that adequate safeguards are in place to protect against any reasonably anticipated threats that the device, or any persons or agencies with access to the device, might pose to MUSC's network, or to any information resource accessible through MUSC's network. At a minimum, MUSC's current security guidelines for networked systems should be consulted prior to connecting any system to MUSC's network.
- Layers 1-2
The wired portion of the MUSC network consists of a collapsed Ethernet backbone. Centrally administered Ethernet switches and routers comprise the network core. From the core, distribution layer switches located in each building provide VLAN trunking to access layer switches on each floor.
For wired connections, MUSC requires the installation of Category 5E cable for both Ethernet and telecom circuits. In areas where conduit is not required, category 5E cable must be plenum rated to meet building/fire code requirements. In addition to Cat 5E cabling, all other components that comprise telecom or Ethernet circuits (e.g. punch-down blocks, jacks and cross-connects) must be Cat5-rated.
The MUSC network supports wireless access using specific 802.11 standards. All wireless connections to the MUSC network must meet the requirements defined in the MUSC Wireless Networking Policy.
MUSC supports remote access to MUSC's campus network through centrally administered PPP and VPN services. These services support MUSC faculty, staff, students, and business partners (contractors and vendors). Any remote network connection with any MUSC business partner requires the execution of a