Service maintenance and availability
FSE-IT seeks to maintain IT availability and capacity to adequately support the teaching and research responsibilities of the Faculty. As our servers, and the services they provide, are critical to the daily operations of the Faculty, the maintenance of the supporting hardware, software and infrastructure have become a high priority.
In order to meet demand, maintenance and especially security issues, there needs be time allocated during service maintenance where services may be unavailable. Such downtime will be scheduled during low peak times to minimize the impact of service disruptions. Notifications of such maintenance will be publicised via e-mail and web sites.
We currently implement a monthly schedule maintenance outage on the first weekend of each month. E-mail notifications are usually sent out during the preceding week.
Email was originally designed to use a best effort delivery method to send simple text messages. It was never designed as a guarantee delivery system or to send multi megabytes files. If a user sends an email it does not guarantee the recipient received or even read the email. While several attempts have been made to extend the mail protocol to handle such situations, not all email user agents or message transfer agents support all of them or are even standards compliant.
File systems access
The main file servers are primarily for supporting basic services such as web publishing, email delivery and access, Windows and Unix file sharing, etc. These file systems are exported to other application servers from which users have access to both account files and locally installed applications. Users should access their accounts from these application servers. Users are discouraged from logging on to or running applications on the main file servers.
As these file systems contain important and vital information for the daily activities of all departments and centers within IT, security is a major concern. Access to these file systems is not allow on servers which IT has limited or no administrative control.
Limited access is available to individual personal accounts via such services as CIFS shares. This allows access to individual directories instead of entire departmental file systems. Users should consult documentation on the IT web site and available OS documentation on how to properly and securely access these file shares.
Web application hosting
The advent of simple web applications which can be easily download and installed in a user’s personal cgi-bin / html directory are becoming the latest method for hackers to circumvent existing establish security measures in our network.
These web applications, such as PHP and Python applications, can be downloaded and installed without any IT intervention or knowledge. These applications are subject to exploits and hacking attempts which may lead to compromising all accounts and/or services within Faculty servers.
As IT may not be aware of which or what applications users may have installed, user should notify IT of any such third party application they may be using and must keep up to date with any related upgrades, patches or vulnerabilities. IT can notify users of any know CERT advisories provided IT is informed of which applications are installed and by whom. However, users are ultimately responsible for any such applications and their proper installation and usage.
IT provides Faculty of Science users with access to a database facility. Access is provided under the following conditions:
- Users should notify FSE-IT of the purpose of their database, any related applications used with their database and who would need access to their database.
- Once the database is created by FSE-IT, users are granted all rights to their database.
- Users do not have rights to create new databases. Additional databases can be created on request.
- Users are responsible for regular maintenance, repair and backups of their databases.
- Users are responsible for installation, maintenance and updates of all related database applications.
- Users should be aware of outstanding security issues related to their applications and take any necessary precautions to keep both their databases and the database server secure from potential misuse or malicious damage.
- Notifications of server updates or upgrades will be sent to users prior to any changes. Please notify FSE-IT if any changes adversely affect your databases or applications.
- Users are responsible for checking their applications for any incompatibilities with our server.
- If you no longer need to use the server, please drop your database and notify for account removal.
- As this server is a Faculty wide shared resource, users should not use this server to host extremely large databases or compute intensive applications.
The Faculty currently hosts all the domains within its subnets as delegated to it from our parent domain provider. We can host additional domains provided they are within the Macquarie University *.MQ.EDU.AU domain.
We can not support any additional external domains. Groups, commercial entities or users who plan to create or publish publicly accessible material under such domains should first investigate the costs and types of service involved by external companies or related organizations who can provide such services. Groups should check if their requirements can be met by hosting under their existing departmental web or e-mail infrastructure.
Which ever option is chosen, groups should consult with FSE-IT prior to setting up an external hosting arrangement or domain name and preferably in the early stages of any proposal or consideration.
Server room facilities
Rapid and substantial grow of several departments within the Faculty have begun to push the limits of the Faculty’s server facilities. As a result of limitation on air conditioning, power distribution and rack equipment space, the following policies are to insure continued adequate and fair infrastructure support for all department and centres within the Faculty:
- Any groups planning purchases of additional servers should check with FSE-IT concerning space, power and maintenance requirements. This must be done prior to purchase and preferable early in the equipment proposal stages!
- Equipment purchases must seriously consider the additional cost of maintaining the server after purchase.
- Departments need to nominate a contact person who will be responsible for user support and backup of relevant data for each server.
- Considerations must include who will be responsible for setup, maintenance, patching software and operating system plus security.
- Only Faculty or departmental resources should be housed within the server room.
- If rack space continues to be an issue, servers providing departmental or Faculty wide resources will have preference over all other servers.
FSE-IT currently have responsibilities for most Faculty wide servers and services. However, as the number of servers plus complexities of different software and operating systems increase, FSE-IT has limited time and resources to manage additional server responsibilities to its already existing commitments. FSE-IT will continue to provide assistance when and if necessary but actual maintenance should be the responsibility of the respective departments or groups which purchased the equipment.
Port scanning is prohibited.