
Information Technology Policies and Procedures


Router Security Policy

Purpose

This document describes a required minimal Security configuration for all Routers and switches connected to the University Information Technology Network or used in a production capacity on behalf of the University.


Scope

All Network infrastructure devices connected to the University Information Technology Network are subject to this policy.


Policy

Every Router must meet the following configuration standards:

  • The Router must have no local user accounts configured. Routers must use the Terminal Access Controller Access Control System (TACACS+) Protocol for User Authentication.
  • The “enable” and “secret” passwords on the Router must be kept in a secure encrypted form. The Router must have the “enable” and “secret” passwords set to the current production Router passwords provided by the Information Technology Services department.
  • The following are prohibited:
    • IP directed broadcasts
    • Incoming packets at the Router sourced with invalid addresses (e.g. RFC1918 addresses)
    • TCP small Services
    • UDP small Services
    • All source Routing
    • All web Services running on Router
  • University standardized Simple Network Management Protocol (SNMP) community strings must be used.
  • Information Technology Services has the authority to add, and will add, rules to the Access Control List as business needs arise.
  • The Router must be included in the University Security Management System with a designated point of contact.
  • Each Router must have the following statement posted in clear view:
    • UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED. Users must have explicit permission from Park University’s Information Security to access or configure this device. All activities performed on this device may be logged, and violations of this policy may result in disciplinary action, including expulsion from the University (if a student) or termination of employment (if an employee), and may be reported to law enforcement. Authorized Users who utilize this device have no right to privacy.
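
The configuration standards above can be checked mechanically against a saved device configuration. The following is an added example, not part of the University's policy or tooling: it assumes Cisco IOS-style syntax (the policy names no vendor) and input captured with `show running-config all`, so that default settings are visible. The function name and both sample configurations are constructed for illustration.

```python
import re

# Policy item -> IOS-style directive (assumed syntax). Present = violation.
# Patterns are anchored so negated forms ("no ip http server") do not match.
FORBIDDEN = {
    "local user account": r"^username\s+\S+",
    "IP directed broadcast": r"^\s*ip directed-broadcast\b",
    "TCP small services": r"^service tcp-small-servers\b",
    "UDP small services": r"^service udp-small-servers\b",
    "source routing": r"^ip source-route\b",
    "web service": r"^ip http (secure-)?server\b",
    "enable password not stored as a hash": r"^enable password\b",
}
# Absent = violation.
REQUIRED = {
    "TACACS+ login authentication": r"^aaa authentication login \S+ group tacacs\+",
    "enable secret": r"^enable secret\b",
}
# Not checked here: RFC1918 ingress filtering and SNMP community strings,
# which depend on site-specific ACLs and values this page does not give.

def audit(config):
    """Return sorted policy findings for one configuration text."""
    lines = [line.rstrip() for line in config.splitlines()]
    findings = []
    for name, pat in FORBIDDEN.items():
        if any(re.search(pat, line) for line in lines):
            findings.append("prohibited: " + name)
    for name, pat in REQUIRED.items():
        if not any(re.search(pat, line) for line in lines):
            findings.append("missing: " + name)
    return sorted(findings)

# Constructed sample configurations (not taken from any real device).
SAMPLE_GOOD = """aaa new-model
aaa authentication login default group tacacs+
enable secret 9 $9$CONSTRUCTED
no service tcp-small-servers
no service udp-small-servers
no ip source-route
no ip http server
no ip http secure-server
interface GigabitEthernet0/0
 no ip directed-broadcast
"""
SAMPLE_BAD = """username admin privilege 15 secret 5 $1$CONSTRUCTED
enable password EXAMPLE
service tcp-small-servers
ip source-route
ip http server
interface GigabitEthernet0/0
 ip directed-broadcast
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_BAD)) or "compliant")
```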


Enforcement

Any Authorized User found to be in violation of this policy will be considered an Unauthorized User, and as such is subject to disciplinary action pursuant to the Enforcement section of the Unauthorized Use Policy.