MUSC Network Connectivity Standards
Background and Scope
This document establishes general standards for connecting devices to MUSC's campus network. In many cases, these general standards for network connectivity are augmented by more specific standards that apply to specific types of devices.
The general requirements in this document must be met by any device that is connected to MUSC's campus network, whether by a traditional wired Local Area Network (LAN) circuit, by a wireless LAN (WLAN) connection, or by a remote access service such as PPP or VPN. The Owner of the device is responsible for ensuring that these requirements are met.
- Layers 1-2
The wired portion of the MUSC network consists of a collapsed Ethernet backbone. Centrally administered Ethernet switches and routers comprise the network core. From the core, distribution layer switches located in each building provide VLAN trunking to access layer switches on each floor.
For wired connections, MUSC requires the installation of Category 5E cable for both Ethernet and telecom circuits. In areas where conduit is not required, category 5E cable must be plenum rated to meet building/fire code requirements. In addition to Cat 5E cabling, all other components that comprise telecom or Ethernet circuits (e.g. punch-down blocks, jacks and cross-connects) must be Cat5-rated.
The MUSC network supports wireless access using specific 802.11 standards. All wireless connections to the MUSC network must meet the requirements defined in the MUSC Wireless Networking Policy.
MUSC supports remote access to MUSC's campus network through centrally administered PPP and VPN services. These services support MUSC faculty, staff, students, and business partners (contractors and vendors). Any remote network connection with any MUSC business partner requires the execution of a Partner Connection agreement. This agreement names the MUSC faculty or staff members who will serve as the administrative and technical point(s) of contact for the connection.
- Layer 3
IP is the only Layer 3 network protocol authorized on the MUSC network.
IP address allocation and configuration on the MUSC network is provided by a centrally administered DHCP service; other devices may not act as DHCP servers. Users may not connect any device with a statically configured IP address without prior authorization. Static addresses are subject to a monthly fee to cover the cost of their administration.
Routing of all network traffic is performed by the primary campus routing modules located in the core of the network. Other devices are prohibited from acting as routers, and must not participate in any exchange of routing information with MUSC's core routers.
MUSC may reconfigure subnets and VLANs at its own discretion, to accommodate changing institutional requirements. For this reason, all applications that run over MUSC's network should avoid any dependencies on the details of addressing or topology at Layer 3 or below. Practices that all networked systems and applications should follow include: use of routable IP protocols only, dynamic configuration of all devices using DHCP, and accessing network resources by name (e.g. DNS) rather than by address.
- Naming Services
Domain Name Service (DNS) is provided by centrally administered DNS servers, which also accommodate automatic DNS name registration for clients of MUSC's DHCP service. No device may be connected to MUSC's network if it will interfere with the campus DNS service.
- Network Management
MUSC operates an open standards-based network infrastructure, which includes network management functions based on SNMPv2 and SNMPv3. For network management purposes, MUSC routinely polls, queries, and scans all devices connected to MUSC's network, using SNMP and other standard protocols. No device may be connected to MUSC's network if it will interfere with MUSC's network management operations.
- MUSC Information Security Standards: System Security
- MUSC Information Security Standards: Workstation Security
- MUSC Computer Use Policy
- MUSC Policy: Information Security
- MUSC Policy: Information Security - Workstation Use
- MUSC Policy: Access Control