Network, Network Access and Communications
General Network Services
Office computers used by faculty and staff, as well as public, lab
and shared computers, are connected to the University network by a
100-Mbps Ethernet connection. Firewalls and Intrusion Detection Systems
are in place throughout the University network to provide enhanced
security features and to ensure safety for all network clients. All external connectivity is handled by several dedicated 1-Gbps connections to the Internet and Internet2 via the Merit Network. Oakland University is an Internet2 participant.
Wireless Network Connectivity
Oakland University offers wireless connectivity for registered staff, students, and faculty in most buildings on campus. In order to support as many different student devices as possible, Oakland University’s wireless networks do not use any encryption. This does not mean using the wireless network is necessarily insecure, but it does mean other steps must be taken to ensure the security and privacy of any sensitive data you transmit.
You should always connect to the official Oakland University wireless networks. This is “GrizzNet” throughout main campus and “Grizzlies” in the residence halls and student apartments.
It is also important to use websites and applications that use a secure connection when transmitting sensitive data. This includes web browsing, email clients, and some instant messaging clients. You can verify a web site is using a secure connection by looking for “https” in the address. To support this, Oakland University systems such as MySAIL, Webmail, Moodle, and Netreg all use a secured connection to transmit data to your browser.
Other wireless networks that may appear:
- GrizzNet-N - Enhanced network speeds for clients that support 802.11n protocol.
- voice - This is a prototype network for UTS testing and is not available to the community at this time.
- OUGolf - This is a guest access network for patrons of the Golf and Learning Center.
Network Access for Visitors, Guests, and Events
What is Network Access?
Network Access is the ability to use the wired and wireless networks provided by Oakland University. Network Access includes the ability to use a browser (i.e., Internet Explorer, Safari, Firefox, Chrome, etc.) to browse web sites or otherwise access the Internet.
Who can obtain Network Access?
Students, Faculty, and Staff of Oakland University may use Network Access by registering their device at https://netreg.oakland.edu and logging in with their assigned NetID and password. Employees (Faculty and Staff) are provided Network Access in order to successfully complete their work at Oakland University. Students are provided Network Access as a service with costs covered by tuition.
Who are Visitors and Guests?
Visitors are those people who visit the campus for short periods of time and their identity is not authenticated.
Visitors may attend events in designated locations. Guests visit for defined periods of time and the identity of a guest is authenticated by showing and recording a picture ID or through event registration.
Can Visitors obtain Network Access, particularly wireless Network Access?
Visitors may obtain Network Access in affiliated Oakland University areas, such as the Golf and Learning Center special facilities, special events in the Oakland Center, or special events in Meadow Brook Hall.
Can Guests obtain Network Access, particularly wireless Network Access?
Short-term Guests participating in an event in the Oakland Center or Meadow Brook Hall, or visiting Kresge Library, may obtain Network Access. For events in the Oakland Center or Meadow Brook Hall, plans for Network Access should be arranged at the time the event is planned. Event attendees should check with the event organizer about network access. Event attendees are responsible for compliance with the Digital Millennium Copyright Act and university policies and should note that network access activities are tracked and subject to legal action, such as subpoena.
Short-term Guests using Kresge Library desktop computers may arrange for wired network access on those machines by requesting a guest account at the Service Desk in the lobby of the library. Guests must present a valid photo ID card (Driver's license or state ID). Wireless access is not available in the Library for short-term Guests.
Long-term Guests are those who need Network Access for longer than one day. Long-term Guests must be sponsored by a department. The form NetID - Guest Account Request Form must be completed and submitted for long-term Guest Network Access. Access must be sponsored by a department. Oakland University does not sell or lease access.
Guests are responsible for compliance with the Digital Millennium Copyright Act and university policies and should note that network access activities are tracked and subject to legal action, such as subpoena.
Can a university department arrange Guest or Visitor network access for an event in a different location (other than the Oakland Center, Meadow Brook Hall and Kresge Library)?
In some locations and with advance planning, temporary network access can be arranged for an official university event. The sponsoring department should contact University Technology Services at firstname.lastname@example.org. Event planning details are needed as early as possible before the date. UTS will analyze the request and provide a response about possibilities and costs. Please note that most campus locations are not ready to have large numbers of visitors access the wireless network.
Why doesn’t Oakland University provide free and open wireless network access like local restaurants?
As a University, Oakland must comply with federal regulations that do not apply to restaurants. To keep the cost of network operation as low as possible, Oakland University has implemented the lowest cost options for regulatory compliance. Additionally, student tuition covers the costs of providing wireless access points and bandwidth necessary to provide Network Access. To keep the cost of education as low as possible, we must restrict access to those who pay for it – our students – or those employed by the university who need access to do their jobs.
Network Policies and Security
- Network connectivity is governed by official Policy #850 - Network Policy. Departments and operations must contact University Technology Services to extend the network into new locations.
- Network access and use are governed by Policy #890 Use of University Information Technology Resources.
- Access and use may be limited, restricted, or suspended in situations where there is an abnormally excessive usage of resources, suspicious or illegal activity, or during an investigation as approved under guidelines in Policy #890 and approved by the Office of Legal Affairs.
- All non-wireless computers must connect directly to a network jack on
the wall. Unless prior written consent has been granted, no desktop
hubs, switches, or routers are permitted. Unapproved devices will be
removed by UTS.
- Servers operating on the University network must be approved and either operated by University Technology Services or be covered by an appropriate Service Level Agreement (SLA). Servers must be operated in compliance with Policy #880 - Systems Administration. or will be disconnected from the network.
To review all information technology and networking related university policies and guidelines, please review the Policies and Guidelines site.
Network Registration System - NETREG
All computers connecting to the Oakland University network must be registered to an Oakland constituent before network access will be granted. All registration data must be accurate, and periodic re-registration will take place annually to ensure that all records are current. Any computer which remains powered off or disconnected from the University network for more than 180 days is automatically de-registered.
Contractors performing authorized work, as well as vendors soliciting responses for Request for Proposals (RFPs)
must abide by the Telecommunication (Data, Video and Voice) Standards
when submitting proposals or performing changes to the network infrastructure.
The following items should also be taken into account when designing systems that connect to the Oakland University network.
• All device-to-device network communications must use IPv4 over Ethernet. Legacy protocols such as IPX/SPX and NetBEUI are prohibited.
• All network-connected devices should be IPv6-capable. If not, the vendor should have an IPv6 roadmap and/or migration strategy.
• All device-to-device network communications must allow for connectivity between subnets. Direct layer 2 connectivity between devices cannot be guaranteed and must not be required by this system.
• All network-connected devices must support standards-compliant DHCP including periodic lease renewal prior to expiration.
• All network-connected devices must present only a single MAC address to its directly-connected switch. All network-connected devices must never act as bridges or attempt to participate in spanning tree. Filtering transit BPDUs is prohibited.
• All required network communications must be documented and diagrammed, including: source/destination device, IP protocols, and UDP/TCP port numbers.
• If IPsec is used to secure device-to-device communications, NAT-Traversal/Transparency must be supported.
• All network-connected devices must only send (and be able to receive) IP packets that are less than or equal to 1500 bytes in size including the IP header.
• Primary remote vendor support must be conducted via the university-provided VPN. Remote support provided via dial-in modem may be provided as a secondary method.
• All new cabling installed for this system must be performed under the supervision of UTS and follow existing university standards.
• If name resolution is required, all network-connected devices must use DNS. WINS must not be required for name resolution.
• "Universal Plug and Play" (UPnP) must not be required for system functionality.
• All network-connected devices should support 802.1x .
• All network-connected devices requiring PoE (Power over Ethernet) must be compatible with standards based IEEE 802.3af or 802.3at specifications. Note that prior to purchasing a device a ticket should be opened with Network Communications to ensure the location is PoE capable.