Establishing Responsibility and Procedures for Network Management and Operations (1)
Information flowing across networks cannot be secured without effective management of the physical and logical network infrastructure, including physical cabling, logical topologies, network devices, and network services. A centralized entity with appropriate responsibility and authority is generally the most effective way to ensure consistency and manageability across the University's Intranet and Extranets.
Centralized management of University networks allows for a strategic network design and architecture that can be more readily optimized for performance, availability, and security. There are a number of general subjects when describing best practices for managing networks. For example:
- All endpoints should terminate to network switches to remove the possibility of internal network traffic sniffing by computers and users.
- Highly sensitive data and traffic such as for Data Centers or communications facilities should be isolated through virtual LAN (vLAN) technology and/or Firewalls.
- Highly unregulated traffic such as for student residence halls should be isolated.
These topics are included in Best Practices:
- Wired vs Wireless
(1) Excerpts from https://spaces.internet2.edu/display/2014infosecurityguide/Communications+Security