Network Security Management

Network security management practices aim to ensure the confidentiality and integrity of data in transit over IT networks, while preserving authorized access and preventing unauthorized access to those networks and the resources connected to them. Network Security (DS-14) applies to the safe and secure use and operation of U-M networks.

Network Security Threat Detection

As part of its larger threat intelligence and mitigation efforts, the university takes an innovative approach to network security that combines cutting edge technologies, open source tools, and U-M's MITN threat intelligence framework to provide Network Security Threat Detection that scales across our entire network.

Use U-M Networks Responsibly

Access to U-M networks is provided in support of the academic, educational, research, and administrative activities of members of the U-M community. Users are responsible for all activities that originate from their U-M computing account and devices and for complying with Responsible Use of Information Resources (SPG 601.07). Students who live in on-campus housing are also responsible for complying with the U-M Network Responsible Use Agreement.

Activities such as cryptocurrency mining (other than for faculty-approved research), which can leave openings for attackers to exploit and consume U-M resources for non-university purposes, are violations of SPG 601.27. U-M reserves the right to quarantine or disconnect any system or device from the campus network at any time.

Use of unauthorized VPNs or Extensions of U-M Networks will be Blocked

As defined in Network Security Standard (DS-14 ), unauthorized use of network extensions in general, and especially to bypass blocked insecure remote access protocols (IRAP), is a risk to the security of U-M’s digital assets and runs counter to the standard. Extensions to the network include, but are not limited to:

  • Routers, switches, and hubs.
  • Wireless access points.
  • Firewall appliances.
  • VPN servers or VPN-like devices and programs (e.g. Wireguard, TeamViewer, or similar).

Extensions to the U-M network must be documented by the requesting unit and submitted for review by ITS Network Infrastructure, following the Process for Documenting and Requesting Review for a Network Extension at U-M.

Unapproved network extensions are subject to blocking without notice.

Operate U-M Networks Securely

UM-Ann Arbor Networks

Information and Technology Services (ITS) manages most networks (wired, wireless, and VPNs) for the UM-Ann Arbor campus. For details about security services for these networks, including firewalls, see ITS Network Security.

UM-Dearborn

ITS Network Services develops and supports network systems for building, server, and core infrastructures at UM-Dearborn. This includes routing to the internet, network distribution to and throughout campus buildings, wireless, firewalls, Voice over IP, email, files storage, and group directories.

UM-Flint

The U-M Flint Information Technology Services (U-M Flint ITS) group develops and maintains the network, administers access to the LAN and UNIX and Windows servers for academic computing, and administers campus-wide communication software. They also maintains network software and print queues, engineer campus computer labs and classrooms, and manage system security.  ITS-Flint provides campus wide wireless network to faculty, staff, and students.

Michigan Medicine Networks

Health Information Technology and Services (HITS) provides computer network access, both wired and wireless, to the entire academic medical center, including more than 45 remote locations. For details, see HITS: WiFi & Networks.

Unit Networks

If you manage networks for your unit, see Unit Network Security Management for your responsibilities under Network Security (DS-14).


Applicable University Policies

You are responsible for complying with the policies and standards below. The requirements on this page help you meet that responsibility.