User login


Network Protection Policy

Effective Date: October, 2013


I. Introduction

The secure management of the Columbia University Network (as such term is defined in the Columbia University Information Security Charter (the “Charter”) [],  which may span organizational boundaries, requires the careful consideration of the flow of information and the regulatory requirements regarding monitoring and protection of Networks. The University requires that all Network, communications and telecommunications related equipment and devices, including cabling, be installed and maintained by Columbia University Information Technology (CUIT) or by Columbia University Medical Center Information Technology (CUMC IT), either alone or in collaboration with NewYork-Presbyterian Hospital Information Technology (NYPH IT).

A PDF of this policy is also available to the right.

Capitalized terms herein without definition are defined in the Charter.


II. Policy History

The effective date of this Policy is November 1, 2013. This Policy replaces the University Network and Communications Equipment
Policy, dated June 2011.


III. Policy Text

This Policy applies to all communications cabling, equipment
and infrastructure devices, including but not limited to the following: telecommunications switches, data networking switches and routers, wireless access points, cellular distributed antenna systems, cellular repeaters and/or bi-directional amplifiers, cellular macro sites, cable and satellite television reception and distribution equipment.

A. Standard Requirements

1. The following equipment must be installed and maintained by CUIT or CUMC IT:

  • Communications cabling, including any permanent cabling and/or cabling between workspaces and rooms intended to be used for voice and data networking or other communications;
  • Routers on the University Network that serve to segment the Network;
  • Communications switches and hubs (e.g., Ethernet switches) on the University Network;
  • Wireless Access Point (WAPs) and other wireless devices that provide access to, or bridge, the University Network;
  • Telecommunications equipment (e.g., PBXes, VOIP systems, etc.);
  • Cellular telephone (voice and data) communications infrastructure cabling,
    antennas, and equipment; and
  • Cable and satellite television infrastructure cabling,
    antennas and equipment.

2. CUIT and CUMC IT staff implement the appropriate logging
and monitoring of Networks in accordance with the Columbia University Information Resource Access Control and Log Management Policy

3. Standard protections are established by the applicable Information Security Office and implemented by CUIT or CUMC IT staff to safeguard the confidentiality and integrity of University information passing over public and wireless Networks.

B. Bandwidth Quotas

To maintain Network performance, CUIT has implemented an automated Network bandwidth quota system. Individual computers may be limited in either the inbound or outbound direction. Limits are imposed only on off-campus traffic to or from the Internet. Traffic on the University's internal Network and on Internet2 is not restricted in any way.

The parameters of this system may be changed without prior notice in order to ensure proper functioning of the Network
for the University community.

An exception to the Internet bandwidth limitations may be granted for Servers used for legitimate University business through the
use of the Network Quota Exception Request

See Bandwidth Quotas and Network Performance for more information on bandwidth quotas.

C. Waivers and Exceptions

Existing or future Network or communications infrastructure that is not maintained by CUIT or CUMC IT as of the effective date of this Policy may be granted a waiver from the requirements of this Policy with the written approval of CUIT or CUMC IT. A description of the infrastructure and a rationale for the request should be submitted
to CUIT or CUMC IT by an Executive Manager. If approved, the exception will be subject to annual review.


IV. CrossReferences to Related Policies and Other Documentation

The Information Security Policies and certain additional documentation are listed in Appendix A hereto.

Appendix A

Related Policies and Other Documentation


Bandwidth Quotas and Network Performance

Information Resources Access Control and Log Management Policy policy

Information Security Charter

Network Quota Exception Request