About this policy
Policy contact:
Date of last update:
March 12, 2019
Policy statement
Systems (servers and workstations) should use the most secure network available that can provide the access to resources required.
Exceptions to policy
There are valid reasons for having a server in the public address range.
- Collaboration with research projects at other universities (such as OSG)
- Providing information to the public on research projects
- The need to access public sites for code, patches, or security updates on required software
Procedures
Indiana University supports several network topologies:
- Public University addresses - published by UITS and registered with ARIN
- Non-routed networks 10.x.x.x and 192.168.x.x
Each request for a system is evaluated to determine the access requirements of the requestor. The default IP address is a non-routed network address. The requestor must provide written requirements in a Footprints ticket for access to resources external to IU that would require a public network address. This documentation will be used during audits or policy reviews.