Dual Homed Network Policy
Version 1.4
For Students, Faculty, Staff, Guests, Alumni
Purpose
The purpose of this policy is to protect the University’s IT Resources by prohibiting unauthorized dual-homed or multi-homed network connectivity that could bypass security controls, create unmonitored access paths, increase the risk of unauthorized access, and expose University systems or data to compromise.
Scope
This IT security policy, and all policies referenced herein, shall apply to all members of the University community, including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Policy Statement
- Devices connected to the University’s IT Resources must not be connected to more than one network at the same time unless such connectivity has been expressly authorized in writing by Information Security and Assurance through an approved exception.
- Dual-homed or multi-homed connectivity is prohibited when it creates a direct or indirect connection between two or more networks within the University (e.g., an internal server network or a DMZ), or when it bridges the University network with any external/third-party, personal, guest, unmanaged, or otherwise unapproved network.
- Devices must not be configured to use multiple network interfaces, adapters, wireless connections, virtual connections, or other communication paths in a manner that circumvents, weakens, or bypasses University security controls.
- The University reserves the right to disconnect any device or disable any connection that violates this policy or presents a risk to the confidentiality, integrity, or availability of the University’s IT Resources.
Definitions
Dual-Homed or Multi-Homed Connectivity is the condition in which a computer, server, workstation, mobile device, virtual machine, or other network-connected device maintains concurrent connectivity to more than one network through multiple network interfaces, adapters, or communication paths.
IT Resources include computing, networking, communications, applications, and telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services.
Related Policies
- IT Resources Remote Access Policy
- Firewall/Access Control List Policy
- Configuration Management Policy
- System and Communications Protection Policy
Implementation Information
| Review Frequency: | Triennial |
|---|---|
| Responsible Person: | Senior Director of IT Security and Assurance |
| Approved By: | CISO |
| Approval Date: | May 16, 2017 |
Revision History
| Version: | Date: | Description: |
|---|---|---|
| 1.0 | 05/16/2017 | Initial policy |
| 1.1 | 5/23/2018 | Updated disclaimer, scope, and definitions |
| 1.2 | 06/06/2020 | Updated purpose statement |
| 1.3 | 07/25/2023 | Updated policy statement |
| 1.4 | 04/23/2026 | Updated purpose, policy statement, and definitions |
Policy Disclaimer Statement
Deviations from policies, procedures, or guidelines published and approved by Information Security and Assurance (ISA) will only be considered cooperatively between ISA and the requesting entity with sufficient notice to allow for conducting appropriate risk analysis, documentation, review, and notification to authorized University representatives where necessary. Failure to adhere to ISA written policies may be met with University sanctions up to and including dismissal.