Critical Host Policy Information

In summary, the Critical Host Policy describes the requirements and constraints for attaching and securing a critical computer to PennNet. One requirement is that passwords cannot travel over Penn's network in clear text. The policy also provides "best practice" recommendations to guide system administrators in further steps to protect PennNet-connected systems. The purpose of this policy is to ensure that all systems installed on PennNet are maintained at appropriate levels of security while at the same time not impeding the ability of users and support staff to perform their work.

LSPs are encouraged to read the complete policy at:

http://www.isc-net.upenn.edu/policy/approved/20000530-hostsecurity.html

All critical hosts must offer compliant services by the follwing dates listed on the chart below. However due to the unavailability, in some cases, of mature clients for various protocols, the compliance timetable differs for each protocol on the client side: