Quarantine network Information

What functionality does the Quarantine for specialist equipment network have?

  • Quarantine networks has no outbound or inbound internet access.
  • RDP and SSH traffic is permitted into and out of the quarantine network from the Quarantine Windows Terminal Server only.
  • Quarantine networks has access to central DNS servers and Microsoft Windows Server Update Services (WSUS).
  • Quarantine networks has access to license servers (ports only) that have been approved by CAB :
    • Mathworks Matlab
    • National Instruments Labview
    • Autodesk (Zone E)
    • Key Management Services (KMS)
  • Quarantine networks have no outbound access to any other University networks
  • Machines in the quarantine network can be configured with:
    • A generic local user account or multiple local accounts.
    • No antivirus program (however it is advisable to have one installed).
    • No security updates, so projects can run longer without the need of interruptions.
    • Not dependant to network resources.

Information can be found here https://wikis.bris.ac.uk/display/rit/Quarantine+network

Autonomous Network information for end users

Autonomous network technical brief

  • One set up for each P.I / Research Group
  • have outbound internet access.
  • have no inbound (unsolicited) internet access by default however this can be enabled by setting a static public IP
  • HTTP(S), RDP and SSH traffic is permitted into the Autonomous network from the University Campus, Resnet, and Wireless (Nomadic/Eduroam) networks (on the standard TCP ports only).
  • have access to central UoB NTP, DNS and other services (e.g. WSUS).
  • have no outbound (unsolicited) access to any other University networks.
  • are isolated from each other.
  • will be kept secure and effectively managed by their users. Vulnerable hosts e.g. those needed for research equipment but with legacy operating systems should not be placed in Autonomous Networks with internet access

How to request one

Please contact your local zonal team to discuss what your needs are to make sure that a Autonomous Network is correct for you. The PI for the group will need to create a incident requesting Autonomous Network, please put “Request for Autonomous Network” in the brief description, you will then be sent an email with a link to the AN policy that you will need to read and accept by replying to the email.

Information for end users can be found here https://wikis.bris.ac.uk/display/rit/Autonomous+Network