Network security management practices aim to ensure the confidentiality and integrity of data in transit over IT networks, while preserving authorized access and preventing unauthorized access to those networks and the resources connected to them. Network Security (DS-14) applies to the safe and secure use and operation of U-M networks.
Network Security Threat Detection
As part of its larger threat intelligence and mitigation efforts, the university takes an innovative approach to network security that combines cutting edge technologies, open source tools, and U-M's MITN threat intelligence framework to provide Network Security Threat Detection that scales across our entire network.
Use U-M Networks Responsibly
Access to U-M networks is provided in support of the academic, educational, research, and administrative activities of members of the U-M community. Users are responsible for all activities that originate from their U-M computing account and devices and for complying with Responsible Use of Information Resources (SPG 601.07). Students who live in on-campus housing are also responsible for complying with the U-M Network Responsible Use Agreement.
Activities such as cryptocurrency mining (other than for faculty-approved research), which can leave openings for attackers to exploit and consume U-M resources for non-university purposes, are violations of SPG 601.27. U-M reserves the right to quarantine or disconnect any system or device from the campus network at any time.
Guidance on use of unauthorized VPNs or similar extensions of U-M networks
As defined in Network Security Standard (DS-14 ), unauthorized use of network extensions to bypass blocked insecure remote access protocols (IRAP) is a risk to the security of U-M’s digital assets and runs counter to the standard. Extensions to the network include, but are not limited to:
- Routers, switches, and hubs.
- Wireless access points.
- Firewall appliances.
- VPN servers or VPN-like devices and programs (e.g. Wireguard, TeamViewer, or similar).
Extensions to the U-M network must be documented by the requesting unit, then reviewed and approved by appropriate campus network administrators, ITS Networking, and ITS Information Assurance. When unapproved network extensions are identified, they will be blocked without notice.
If you believe you have a need to create an extension of the U-M network, contact ITS Networking through the ITS Service Center.
Operate U-M Networks Securely
UM-Ann Arbor Networks
Information and Technology Services (ITS) manages most networks (wired, wireless, and VPNs) for the UM-Ann Arbor campus. For details about security services for these networks, including firewalls, see ITS Network Security.
UM-Dearborn
ITS Network Services develops and supports network systems for building, server, and core infrastructures at UM-Dearborn. This includes routing to the internet, network distribution to and throughout campus buildings, wireless, firewalls, Voice over IP, email, files storage, and group directories.
UM-Flint
The Network Systems Support (NSS) group develops and maintains the network, administers access to the LAN and UNIX and Windows servers for academic computing, and administers campus-wide communication software. NSS also maintains network software and print queues, engineers campus computer labs and classrooms, and manages system security. ITS-Flint provides campus wide wireless network to faculty, staff, and students.
Michigan Medicine Networks
Health Information Technology and Services (HITS) provides computer network access, both wired and wireless, to the entire academic medical center, including more than 45 remote locations. For details, see HITS: WiFi & Networks.
Unit Networks
If you manage networks for your unit, see Unit Network Security Management for your responsibilities under Network Security (DS-14).
Applicable University Policies
You are responsible for complying with the policies and standards below. The requirements on this page help you meet that responsibility.