IT Services



OxCERT - Emergency Response Team




Title of Service: Network Security Services (OxCERT)

Status of Document: This document describes services offered in July 2011.

Contents



1. Introduction

1.1 The University runs an "open" network, with many means of access to and from the outside world. It has high-bandwidth connections to the Internet, making it a prime target for those wishing to compromise computers to use for further exploits. The devolved responsibility for maintaining and updating systems means that many are vulnerable.

1.2 The Network Security Team (OxCERT) is tasked to:

The team has a documented policy on network monitoring and log retention, as well as further information on incident handling.



2. Summary of OUCS's responsibilities

Hours of Service

2.1 The service operates during normal office hours. Periodic monitoring takes place outside these hours, and informal arrangements exist for staff to be called, but no funding is provided to make this contractual.

Serviceability Targets

2.2 OxCERT will normally aim to respond to requests to remove blocks againsts systems or accounts within one working day. Where a block cannot be lifted immediately, OxCERT will respond detailing the additional actions required.

Resilience

2.3 Not applicable.

Alternative Facilities

2.4 Not applicable.

Hardware and Software Maintenance

2.5 Not applicable.

System Development

2.6 Not applicable.

Administration and Support

2.7 Information for departmental and college ITSS is given at http://www.oucs.ox.ac.uk/network/security/

2.8 All correspondence should be sent to oxcert@it.ox.ac.uk.



3. Education and Training

3.1 Not applicable, though OxCERT does provide occasional briefings to IT Support Staff as well as extensive documentation and material online.



4. Summary of client's responsibilities

4.1 Responsibilities are laid out in the University Regulations Relating to the use of Information Technology Facilities and the Information Security Policy.

4.2 Owners and administrators of computers connected to the university network are responsible for ensuring their security, especially against threats which may endanger the security or stability of other university systems or services.

4.3 Network administrators should take reasonable measures to ensure that the source of any abuse arising from their network can be traced. This includes maintaining adequate logs in accordance with OxCERT recommendations, especially where technologies such as Network Address Translation (NAT) are used.

4.4 The client will provide: contact details of the person or persons with responsibility for departmental and college services, with whom OUCS can liaise.

4.5 Clients are expected to respond to requests for information or to take action within a reasonable amount of time. In particular, requests for server or NAT logs are generally high priority and unless otherwise indicated, these should be supplied within four working hours.



5. Premium services

5.1 Not applicable.