OIT Home > IT Policies > ResNet Virus Protection

ResNet Virus Protection

Issued by: The Office of the Executive Director, OIT

July 28, 2003 – Original Policy Written

 

Objectives

The principal concern of this computer virus protection policy is effective and efficient prevention of network virus outbreaks and network security attacks involving computers associated with Auburn University's ResNet network. The primary focus is to ensure that ResNet customers are aware of and take responsibility for the proper use of the University-provided and Office of Information Technology (OIT)-supported virus protection software. This policy is intended to ensure:

1. the integrity, reliability, and good performance of ResNet computing resources;
   
   
2. that the ResNet user community operates according to a minimum of safe computing practices;
   
   
3. that the University licensed virus software is used for its intended purposes; and
   
   
4. that appropriate measures are in place to reasonably assure that this policy is honored.

Policy

Centrally provided virus protection software will be run on all ResNet computers connected to the Auburn University Network.

 

Virus Protection Management Structure and Support Procedures

• Goals
• Compliance
• Office of Information Technology
• ResNet Customers
• Distribution

Goals

• Prevent all infections. When that is not possible, create an outlet for notification and annotation of virus outbreaks for ResNet support personnel and end-users so that future breaches can be prevented.
  
  
• Prevent the loss of information/data and software on ResNet computers and minimize the cost of computing maintenance and network downtime by virus outbreaks.
  
  
• Distribute updates of virus protection software and other important campus-supported software to all ResNet-affiliated computer users. Virus protection software that is note used cannot prevent infections.
  
  
• Create a system for automatic, immediate notification of the ResNet user community once an outbreak has been detected.
  
  
• Require a minimum of end-user responsibilities in regard to computer virus protection practices.

Compliance

Virus protection is most effective if every computer on the ResNet network has anti-virus (AV) software installed and is actively monitoring network activities. The University provided AV software will distribute virus signature updates once properly configured. The anti-virus software will be available for ResNet -affiliated users to install on computers on ResNet. The Help Desk or ResNet shop can assist in the installation process.

 

OIT will monitor network activity and initiate appropriate action to control infection. OIT has the responsibility to disconnect any host that does not have the University provided AV software installed or any host known to be an infecting agent.  A “best effort” approach will be instituted to notify the customer prior to any disconnection.  Such a disconnection is an emergency action.

 

The customer will be contacted immediately and OIT / ResNet Shop will work with the customer to solve the problem.

Office of Information Technology (OIT)

OIT is considered the Service Provider for ResNet anti-virus policy and implementation. OIT will be responsible for maintaining the primary software distribution server dedicated to the administration of virus protection policies and procedures on users' computers.

 

OIT Responsibilities

• Acquire the licenses for anti-virus software that have been decided on by the Virus Protection Committee for use by ResNet.
  
  
• Procure software and updates from the vendor, as they are made available.
  
  
• Expeditiously make the software and updates available to ResNet customers.
  
  
• Configure software for distribution in accordance with current AU policy.
  
  
• Provide methods for users to update their anti-virus engine and definition files on their own at regular intervals.
  
  
• Provide documentation for users.
  
  
• Provide end-users with information on how to acquire the current anti-virus software and, how they work, and how to use them.

Noncompliance

Any system determined to be an infecting agent will be taken off the network or the infection effectively eliminated by the ResNet customer. OIT has the authority to disconnect such an infected system from the network until the infection is effectively eliminated if the customer fails to manage the infection in a timely manner.

ResNet Customers

Computer systems connected to the ResNet network will run anti-virus software, and it should be active at all times. The ResNet customer is responsible for keeping the computer system compliant with this virus protection policy.

 

Responsibilities

• Install and maintain current virus protection software.
  
  
• Be certain that the software is running correctly. If these responsibilities appear beyond the end-user's technical skills, the end-user is responsible for seeking assistance from OIT Help Desk or the ResNet Shop.
  
  
• Initiate disinfecting procedures or seek assistance from OIT or the ResNet Shop.
  
  
• Perform regular backups. Virus infections often destroy data on an individual's computer. Without proper backups, recovery of destroyed files may be impossible.

Noncompliance

ResNet customers not complying with this c6.omputer security policy is subject to LOSS OF NETWORK PRIVILEGE and SERVICE INTERRUPTION.   Noncompliance will result in network disconnection.

 

In addition, noncompliance means they leave themselves and others at risk of virus infections, which could result in

• damaged or lost files
• inoperable computer resulting in loss of productivity
• risk of spread of infection to others
• confidential data being revealed to unauthorized persons

An individual's non-compliant computer can have significant, adverse affects on other individuals and the entire ResNet network. Hence it is critical to bring all computers into compliance as soon as they are discovered to be in noncompliance.

 

Support for End-User Computers

This virus protection policy includes Windows-based Macintosh, Unix, and Linux operating systems. OIT will give priority support for client computers running Windows-based operating systems because 98% of all virus and worms specifically target Windows-based computers. Hence computers running the Macintosh, Solaris, and Linux operating systems are likely to be less well supported.

 

Individuals who use Macintosh operating systems will be provided with a copy of the University-supported anti-virus software for their particular operating system.  Unix and Linux users are encouraged to seek publicly available or commercial firewall software from a reputable source, use tcp wrappers and/or employ OS hardening methods to their system.

Distribution

OIT is responsible for distributing the software for initial installation and subsequent updates. Although the distribution mechanism depends in part on the specific virus protection software acquired by the University, most include the following distribution methods:

• scheduled, unattended updates by the client via FTP, Web, or propriety agent.
• attended updates initiated by the user of the client via FTP, Web, or propriety agent.
• scheduled, unattended updates initiated by the server via FTP, Web, or propriety agent.

Unless there is a compelling rationale otherwise, all updates will be scheduled. Further, if distribution mechanisms allow, the server will initiate updates.  This will provide the highest level of protection for client hosts. Server-initiated updates will normally be timed; however, in the event of a virus outbreak, updates can be pushed to client computers without intervention by the user of the computer.

Last Updated: Jan. 22, 2011