Policies: Server Management Policy
For the purposes of this document, a "server" is defined as a computer system that is connected to the UT Dallas campus network and provides services to multiple individuals at the same time. The "owning entity" is either Information Resources or the UT Dallas school/department maintaining and operating the server.
This policy is designed to insure that all UT Dallas servers are maintained and operated in a safe and effective fashion. This is achieved by routine monitoring and timely updating of the operating system to reduce vulnerabilities and timely response when unexpected failure or contamination (of whatever nature) occurs. In addition, backup procedures (appropriate for disaster recovery and compliance with applicable laws and policies) must be routinely performed.
Mandate and Authority
- University of Texas System Guidelines UTS 165 (formally BPM 53-96-02) and the Texas Department of Information Resources (DIR) "Information Security and Risk Management Policy Standards and Guidelines" as published in the Texas Administrative Code TAC 202 and as authorized by the Information Resources Management Act (Vernon's Ann. Civ. St. Article 4413(32j)).
- Memorandum from University of Texas Chancellor Yudof, dated March 7, 2003. The content of the memorandum defines a comprehensive system inventory, including known vulnerabilities, to be maintained and reported by each university component.
Server Management Responsibilities
It is the responsibility of each UT Dallas owning entity to insure that its servers are maintained and operated in a safe and effective manner. Information Resources provides a "Server Best Practices" document to assist with that process in addition to offering consulting services and server management services (see Server Resources below).
Basic server management responsibilities include (but are not limited to):
- Routine monitoring of server operation
- Timely maintenance of the operating system (updates & patches), including access and security controls
- Disaster recovery planning and procedures (documented) including system and file backup
- Timely & effective communications with Information Resources Security and/or network management staff as needed
Other important aspects of server management include:
- Capacity planning
- System Performance & Optimization
Monitoring and Verification
Information Resources is directed to develop and maintain a Server Registry that facilitates compliance with the Chancellor's mandated security efforts and assists Information Resources in diagnosing, locating and dealing with security incidents on the campus network. All owning entities will be required to supply basic information (e.g., location, contact information for the responsible individual, etc.) about their server(s) for inclusion in the Registry. Another data element in the Registry will document the support level that Information Resources provides for each server.
Information Resources will perform routine scans of the network to monitor compliance with this policy. Notification of maintenance deficiencies identified (including lack of inclusion in the UT Dallas Server Registry) will be made to the Executive Director of Information Resources, the Chairperson of the Information Resources Security Committee and the owning entity of the server(s) involved.
Servers out of compliance with the provisions of this policy for more than 30 days after notification of such circumstances may be removed from the campus network with concurrence of the Executive Director of Information Resources (or designee in his/her absence) and the Chair (or Vice Chair in Chair's absence) of the Information Resources Policy and Planning Advisory Committee.
Emergency circumstances, wherein a server has been compromised and represents a threat to the UT Dallas campus network and/or the internet community, will be addressed with all possible speed by Information Resources. If Information Resources is either the owning entity or has been identified in the Server Registry as responsible for the management of the affected server, Information Resources will immediately remove the server from the campus network, otherwise, Information Resources will attempt to notify the responsible individual(s) (as recorded in the Server Registry) of the need to disconnect the server. If the responsible individual cannot or will not act immediately, then Information Resources will remove the offending server (logically and/or mechanically) from the network.
Server Management Services
Information Resources provides, at the owning entity's election, cooperative server management support at one of three levels:
- Owner Support At this support level, the owning entity is solely responsible for the proper management and operation or their server(s)(as delineated in Server Management Responsibilities) and the timely and accurate maintenance of the Server Registry information entries for their servers.
- Negotiated Support At this support level, Information Resources staff will provide the negotiated level of support. You will be contacted by Information Resources staff to negotiate the proper level of support for your situation.
- Server Management Best Practices
- Registering New Servers and Requesting External IP Addresses
- Network Connection Policy
- Server Registry (You MUST be on a UT Dallas Network or using VPN)
Note: While this policy is meant to be a definitive policy and guide to effective server management at UT Dallas, it is recognized that not all specific situations and/or problems can be addressed by a policy. Nonetheless, each owning entity will be ultimately responsible for safe and effective management of each of their computing servers.