SERVER REGISTRATION PROCEDURE
Information accessible through the Internet is available worldwide. Unfortunately, the incidence of
hacking attempts continues to grow. Although the greatest threat is from locations off campus,
inappropriate access to servers is possible from any computer on campus as well. The result of
unauthorized access to a server can result in major financial penalties, legal action, business
disruption and damage to the university's image. This overview is supplemental to and does not
supersede the official GCSU Policies for Connecting Devices to the University Network.
In order to protect the GCSU network from unwanted intrusions, the University utilizes a firewall on
the connection to the external Internet. The firewall is used to manage all outbound traffic from the
GCSU network to hosts on the Internet. Incoming connections to machines on the GCSU network
will be blocked unless registered with the University's Division of Information Technology (IT)
In order to protect University resources, all servers must be registered with the Division of
Information Technology (IT). Registration provides information necessary to monitor these
resources and help protect them from intrusion.
To submit an application for a server to be registered on the GCSU network a GCSU Server
Registration Application form must be completed. One application should be completed and
submitted for each machine that is connected to the GCSU network. If you have questions or
require assistance in completing this form, please contact the Serve Help Desk at 445-7378, or
through email at email@example.com.
Administrators should exercise caution when determining which services to activate. Only those
services absolutely necessary should be enabled on any machine. Services are defined as protocols
such as, but not limited to, FTP (used for file transfer) and HTTP (used for the web) that run on the
servers connected to the GCSU network.
The registered administrator's responsibilities include, but are not limited to, physical security of
the machine, applying all security patches immediately as they become available and reporting any
suspected breach of security to the Chief Information Officer (CIO). All administrators are
responsible for complying with the GCSU Policies for Connecting Devices to the University Network
and monitoring the GCSU Server Administrator email list. The University reserves the right to deny
any requests for connectivity to the network and/or access through the firewall. In accordance with
the GCSU Incident Response Plan, a security incident involving a particular server or servers,
access to those machines may be blocked until the situation is resolved.
If the registration application has been approved, a passive port scan will be conducted and all
requirements for tightening the security on the machine will be reviewed with the systems
administrator. Should highly vulnerable ports be found, IT staff may, with or without notice to the
system administrator, remove access to the vulnerable server until such time as the machine is no
longer a risk to GCSU or internet systems.