Section 8 (Definition of a LAN) Clarification

What is a "LAN" and what needs to be approved by CITES?

From the Campus Administrative Manual:

8. Network Design

CITES (formerly CCSO) is responsible for the design or approval of departmental local area networks (LANs) that are connected to the campus network and their connections to the campus backbone. The following subsections document policies and procedures relevant to these areas. The term LAN as used here refers to the routers, switches, repeaters, cabling and patch panels, but excludes servers and other computers.

Definition of terms:

Some equipment is obviously part of the LAN. For example, any hardware that is designed specifically to serve one of the following purposes will be part of the LAN and subject to CITES review and approval:

• Ethernet Repeater (10/100 or 1000)
• Ethernet Hub (10/100 or 1000)
• Ethernet Switch (10/100 or 1000)
• Ethernet Bridge (10/100 or 1000)
  (Note: This does include "mini-hubs" installed in any room, even ones just being used occasionally, as it is possible to disrupt an entire building's network by attaching one incorrectly.)
  
• ATM switches
• Router (any kind)
• Wireless Access Point (any kind)
• Firewall (any kind)
• Patch Panels
• Copper or fiber cable between rooms or buildings

Other equipment is usually not considered part of the LAN:

• Ethernet cards for computers (10/100 or 1000)
• Wireless cards for computers
• Computers
• Servers
• Copper or fiber cable within a single room (patch cables of 25 feet or less)

However, there are times when computers and servers are considered part of the LAN and will need CITES review:

• CITES should be informed of any computer or server with 2 or more network interfaces (Ethernet, ATM, wireless, or any combination of those). Router software comes pre-installed on many computers (especially Unix systems) that can be enabled by accident. CITES needs a record of where these computers are installed.
  
  (Note: This does not include notebook computers unless both interfaces, such as wireless and Ethernet, are being used at the same time.)
  
  
• CITES should be informed of any computer or server running as a firewall for any machine in addition to itself. Depending on how the firewall software is set up, there will be troubleshooting and security issues that need to be documented for both CITES's information and for your unit's.
  
  (Note: This does not include "personal firewall software" that protects just the local computer. It does cover software that allows one computer to protect a number of other computers.)
  
  
• CITES should be informed of any computer or server running as a Wireless Access Point. (A Wireless Access Point is defined as a machine containing both an Ethernet and a wireless connection, both of which are in use simultaneously to transfer data from the wired network to the wireless network or vice versa.) Wireless Access Points have special security issues to be managed. CITES has to check that the security for wireless connections is adequate.
  
  
• CITES should be informed of any installation of new permanent wiring. In particular, laying new fiber or copper between rooms or running new fiber or copper through walls must be pre-approved. Laying new fiber or copper between buildings is not permitted. Each building must have a direct fiber or copper connection to a campus node in accordance to the UIUC Campus Standards.
  

Why do I want to get approval for the networking components I want to install?

CITES provides free network maintenance and other support to units if their network design has been approved by the NDO. If you add an un-approved component, your whole unit forfeits the free support, and your unit will be required to pay if you need help with any part of the unit's network. This is because one problem device on a network can break the whole network, not just your single office.

How do I get CITES's approval of new equipment?

First, tell your local network administrator before you install the equipment. Your network administrator will document what you want to do, and how to connect it into your unit's network. Once your local network administrator knows how he or she wants to connect the new equipment, the administrator should contact the CITES Network Design Office (NDO) to get the changes approved.

Network Design Office contact information

E-mail: ndo@uiuc.edu

Phone: (217) 244-1600

Fax: (217) 244-7809

Campus mail:

Network Design Office
1540 DCL, MC 256

 

Last Updated: May 14, 2002
Debbie Fligor