Network Working Group ACM SIGUCCS Request for Comments: 1359 Networking Taskforce FYI: 16 August 1992 Connecting to the Internet What Connecting Institutions Should Anticipate Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard. Distribution of this memo is unlimited. Abstract This FYI RFC outlines the major issues an institution should consider in the decision and implementation of a campus connection to the Internet. In order to provide clarity to the reader, some specific information has been detailed. In doing so, the document has been directed toward U.S. academic institutions that have not yet connected to the Internet. However, the issues for which specific information has been provided can be generalized for any organization that wishes to participate in the world-wide Internet community. It will be necessary for those organizations to obtain the correct and detailed information from their local or national IP service providers. In addition, this document may be used as an evaluation checklist for organizations that are currently connected. Readers are expected to have general familiarity with networking concepts and terminology. Table of Contents 1. Acknowledgements.............................................. 2 2. Introduction.................................................. 2 3. Initial Planning/Pre-Internet Installation Phase............... 4 3.1 Ask the Vital Question...................................... 4 3.2 Reasons Why to Participate................................... 5 3.3 Connection Options........................................... 6 3.4 Connection Service Providers................................. 7 3.5 Sample Questions for Connection Services Providers........... 8 3.5.1 Sample Questions........................................... 8 3.6 Cost Assessment.............................................. 9 4. Initial Implementation and Startup Phase....................... 10 4.1 Policy Issues................................................ 10 NETTF [Page 1] RFC 1359 Connecting to the Internet August 1992 4.2 Connection to the Mid-level Network.......................... 11 4.3 IP Addresses and Domain Names................................ 11 4.4 Technical Issues............................................. 12 4.5 Support...................................................... 12 4.6 Training..................................................... 13 4.7 Promotion.................................................... 13 5. Full Production/Maintenance................................... 13 5.1 Technical Issues............................................. 14 5.2 Human Factors................................................ 14 6. Evaluation Strategies......................................... 15 7. Appendix A. Partial List of IP Service Providers.............. 16 8. Appendix B. NSFNet Backbone Services Acceptable Use Policy.... 22 9. References.................................................... 23 10. Security Considerations....................................... 24 11. Authors' Addresses............................................ 24 1. Acknowledgements This document was created through the efforts of the ACM SIGUCCS Networking Taskforce. NETTF was created in 1989 under the direction of Martyne Hallgren and with the approval and support of the SIGUCCS Executive Board. The Networking Taskforce was created to increase awareness and understanding of the Internet, to disseminate information and research on development and use of the Internet, to promote innovative and appropriate use of Internet resources, and to initiate and encourage cooperation between the SIGUCCS membership and other organizations, such as the Internet Engineering Task Force (IETF), with similar goals towards networking. 2. Introduction The Internet is a world-wide network of networks with gateways linking organizations in North and South America, Europe, The Pacific Basin and other countries not previously included. The organizations are administratively independent from one another. There is no central, worldwide, technical control point. Yet, working together these organizations have created what to a user seems to be a single virtual network that spans the globe. The networks all use a common suite of networking protocols, TCP/IP. It is because of this commonality of protocols, this commonality of network functionality and interoperability that the networks provide what may appear to be a seamless, integrated virtual network, irregardless of the underlying heterogeneity of the underlying computer hardware or communications transport. NETTF [Page 2] RFC 1359 Connecting to the Internet August 1992 The most basic functions provided are electronic mail, access to remote computational and informational facilities and file transfer. The networking protocols were first deployed in the late 1960's in the United States. For several years, they were only used for very specific research activities and in some computer science departments. In 1985, at a meeting of National Science Foundation networking specialists and higher educations representatives, a new national data networking backbone, using these protocols, was outlined and acted as a catalyst resulting in dramatic changes in data networking technologies and usage. Originally conceived to connect the six national supercomputing centers that had been established, in the ensuing years, the NSFNet backbone network and its associated mid-level networks have grown dramatically. The networks built for mission and discipline specific uses have also grown dramatically. More importantly, because of the common technology, they have been able to be connected together, increasing their reach and as a result, their usefulness to the user community with very little additional expense. The end result is a robust technology supporting the higher education and research community. Its continued development and growth are essential to maintaining excellence in education and research. The use of the Internet has steadily and dramatically grown over the past years. More and more sites have connected. Each site may have more and more uses of the network, as existing users expand and new users are added resulting in exponential growth of network traffic. But even more dramatic are the explosions in growth due to the innovative applications. Networks are having a dramatic effect on everything from libraries to elementary schools, from sharing expensive scientific instruments to using databases to access atmospheric data to electronic publishing and interpersonal collaborations building "workplaces without walls". The number of organizations connected at present is constantly growing. At present, the organizations that connect through the Internet include universities and colleges, research laboratories, government and private, libraries, specialized scientific centers, state agencies, K-12 (Kindergarten-12th Grade) organizations, individuals, and individual research labs. But no matter what kind of organization it is, they all have the same need to understand what it means to connect to the Internet. An institution must anticipate and prepare for four critical phases in the deployment of an Internet connection. The list of issues discussed within this document is not exhaustive but rather the NETTF [Page 3] RFC 1359 Connecting to the Internet August 1992 information provided should alert decision makers to major concerns they should address during the different phases of network deployment. As each issue is discussed, both soft and hard cost items will be identified. Both must be considered when determining the real cost of deploying an Internet connection. The hard cost items include costs for which invoices are created. They include the costs for new circuits or phone lines, the purchase of modems or csu's and routers, network membership dues and upgrades to existing hardware to make it network compatible. Soft costs are harder to quantify but no less important. These costs include training and education of staff, faculty, and students, modifications to support staffing and structure, deployment of new network applications or network services such as FTP servers, centralized electronic mail services, or campus-wide information systems. It should also be recognized that the soft costs involved also result in benefits that can easily be seen as people investment and organizational investment. The four phases of an Internet Connection deployment are: A. Initial planning/Pre-Internet installation phase B. Initial Implementation and Startup phase C. Full Production/Maintenance phase D. Evaluation/Upgrade phase 3. Initial Planning/Pre-Internet Installation Phase 3.1 Ask the Vital Question An institution must first address the question, "What does my community/institution gain from participating in the Internet community?". Both commercial and non-profit education and research institutions rightfully spend a great deal of high level effort to define their mission and goals. Any introduction of new technology -- particularly one which involves new modes and methodologies of communication -- should be assessed in light of the institution's own mission and goals as well as the wants and needs of the user community it serves. Following, and as part of this evaluation, key institution decision makers (at the highest levels of the organization) will require information not only on the cost of connection, but more importantly on the purpose and scope of participation in the Internet. The decision to participate requires not only the strong commitment of senior administration but also the support and endorsement of the NETTF [Page 4] RFC 1359 Connecting to the Internet August 1992 general institutional community. In the case of an educational institution, it is critical to have the support and active interest of the faculty. This decision will also involve a campus wide needs assessment to determine the interest and support of the campus community. 3.2 Reasons Why to Participate The deployment of an Internet connection provides the impetus for the development of a campus wide strategy for the use of information technology which may otherwise never be accessible. It may be difficult to quantify such benefits but they must be included in the justification process. Many institutions have already done this and are very likely already connected. An interested institution might will consult with a nearby, connected organization to see what benefit they have derived from the connection. An institution looking at a connection for the first time must decide if a major reason is simply to participate in a technology that has already proven itself as being important to education; more importantly, it may be a requirement now to compete with peer organizations. This is especially important to consider when recruiting both new faculty and students. New faculty will want to continue with their research and academic collaborations which may require resources not affordable to the institution. These resources can be made available via the network. As a result, a university or college may be able to recruit students and offer a new curriculum that demands access to resources that would only be available via the network. The potential gain in prestige, research participation and dollars is well work the investment. Many universities have also discovered economic efficiencies. Many subscription services have traditionally required a dedicated and expensive access method. More and more of these services are now accessible via the Internet. This trend will undoubtedly continue as more and more commercial companies make their services available. While the subscription fee may not alter, the cost of the dedicated connection may by used to finance an Internet connection; not only will the availability of the particular service be greater but the underlying access medium can be used for multiple functions. Libraries, many already with automated catalogs, are looking at various new applications to deal with the glut of information, shrinking dollars and limited shelf space. Electronic journals, image-based text, publishing on demand are all issues that are being evaluated for the digital library. Universities are automating and integrating a variety of activities and providing access to the students and staff via a campus network. At some universities, NETTF [Page 5] RFC 1359 Connecting to the Internet August 1992 students are able to register for classes, look at their grades, and check their bill from their dorm room instead of having to suffer through long lines. Some universities are able to keep in contact with their alumni, through a variety of on-line information resources. NSFNet was first created to facilitate access to five national supercomputer centers, centers which still provide to researchers leading edge computational technologies to support research in a variety of areas, from black holes to pollution in the L.A. basin. Today, researchers and students alike have access to a broad range of computational, informational, and scientific instrumentation that can be used remotely, with no loss of productivity. For some organizations, this means that they now can recruit faculty with research requirements that they themselves could never afford. It means access to research funding. At the same time, it opens up the opportunity to faculty and students to select their next institution for reasons other than the hardware currently owned. 3.3 Connection Options There are a variety of connection options. Factors besides costs may be used to select the appropriate option or a series of options. These factors include size and projected use (traffic) of the connection, nature of the use and purpose of the enterprise driving the effort. There are three basic categories of IP service connection available at this time. All three categories support essentially the same set of functions. They support a variety of line speeds (which affects total capacity of the connection) and will run on a variety of hardware platforms. Performance depends on the line speed, the hardware and software used, and the use. The three basic connection categories are: a) dedicated connection b) dialup connection c) dialup access to a connection service A dedicated connection requires a dedicated, point-to-point telecommunications circuit and an IP router (a dedicated networking device), linking the organization to the Internet. Line speeds range from 9.6 Kb to 45 Mb, with the most common connection speeds being 56Kb and 1.54 Mb. A dedicated connection to the Internet most commonly connects to a campus-wide network with several hosts and workstations. NETTF [Page 6] RFC 1359 Connecting to the Internet August 1992 A dialup connection requires a workstation, which may or may not be dedicated to networking, with appropriate networking software and an attached modem. It uses a regular phone line. When a network connection is needed, the workstation is used to establish a connection over the modem and phone line. At the end of use, the connection is broken. Line speeds range from 9.6Kb to 56Kb, with lower speeds being most common. It can be used to connect a single workstation or a LAN. However, if it is used to connect a LAN, the workstation must provide some routing functionality. Several IP service providers offer dialup access to a connection service. Such a service provides only remote login capabilities or other limited functions by calling a local phone number and setting up a single function environment. A terminal emulator is used from a MAC or a PC. The service can support speeds from 2.4Kb - 19.2 Kb. Providers usually charge a flat-rate connection fee as opposed to a connection fee and traffic charge. As each type of connection alternative is examined, the organization must consider the technical evolution and cost projections. The appropriate campus agency (usually an information or telecommunications area) should inventory the existing campus networking. For those organizations that do currently have a campus network, the inventory will provide valuable input to the development of a short and long term technology evolution strategy. If a campus network does not yet exist, the development of a campus networking strategy may have the effect of an upgrade of technology throughout the campus. In either case, the question of how to get network connectivity to the workstations on the faculty and staff desks, large user rooms, residence halls, libraries and campus stores must eventually be addressed. A connection to the Internet does not always imply the development of a campus-wide network. In some cases, it may be appropriate for only a small segment of the organization's community to have access to the Internet. Often, organizations will use such a strategy as a way to introduce the technology to a small group of enthusiastic customers who become champions in their own right. 3.4 Connection Service Providers There are several organizations, not-for-profit and commercial, that now offer connectivity services to the Internet. Refer to Appendix A for a partial list. There is no hard and fast rule specifying to whom an organization should approach for a connection. Historically, there has been a NETTF [Page 7] RFC 1359 Connecting to the Internet August 1992 tendency for an academic institution to become a member of the closest mid-level network. The best approach, given the growing number of IP service providers, is to consider all the providers that offer services in the region, consider the variety and quality of services offered within in the framework of the organization's requirements and make an informed decision based on that information. 3.5 Sample Questions for Connection Services Providers It is often hard to know what questions should be asked while evaluating different service providers. The following set of questions have been included at a starting point for any discussion with an IP service provider. 3.5.1 Sample Questions a) What connection services do they offer? Please describe in detail (i.e., until you understand what they are talking about). b) What is the cost? c) What is included in the cost? -the circuit cost (installation and monthly charge) -the router (cost of onsite router, cost of offsite router) -hardware/software -maintenance, of what?? -membership fee d) Is there any other kind of charge not included in the upfront cost? e) What are their support services? -NOC? -NIC? -What do they mean by either organization? f) Do they fix the router when it's broken? g) Do they require 24 hour access to the physical location? h) Do they require an onsite person be available to them to assist in problem diagnosis? i) What training is available? Is it included in above cost?? j) Do they have an acceptable use policy? NETTF [Page 8] RFC 1359 Connecting to the Internet August 1992 k) Is there an annual meeting? l) Do they have dedicated (i.e., full time), professional staff? m) Are there limitations to connecting to other parts of the Internet (i.e., can you everywhere you need to get?)? n) To whom else do they provide service? -references? If any of this information is confidential, consider finding another service provider. 3.6 Cost Assessment An organization contemplating a connection to the Internet should be careful to consider not only the physical connection and startup costs but also the costs of supporting the resulting service infrastructure. This infrastructure includes the development and continued support of a campus-wide network. At some universities, this network may only support data, but at many universities and other organizations, the development of a campus-wide network must evolve to consider data, voice, and video as the applications and requirements of information technologies supported by internetworking technologies expand. The Internet provides access to a wide variety of resources and a broad set of functions and services which may or may not have been available locally. Support staff will require education and training to support and in turn train the faculty, other staff, and students in the use of the new technology and new resources made available. This training may mean strategic re-orientation and deployment of campus networking information services. The costs of such added- value services should be planned for in advance. Increased use of the campus network will make additional demands on existing network technical staff. Areas of the institution not currently participating in data network services will want to participate. While not all of these services can be exactly quantified in terms of costs, they must be anticipated and incorporated into campus planning for an Internet connection. These areas may include libraries, dormitories, student services, and data depositories. The implementation of an Internet connection provides the impetus for the development of a campus-wide strategy for the use of information technologies which may otherwise have never been accessible. It may be difficult to quantify such benefits but they must be included in NETTF [Page 9] RFC 1359 Connecting to the Internet August 1992 the justification process. The benefits can include access to expensive, scientific instruments such as computational services (i.e., massively parallel supercomputers) or particle accelerators. Clearly, this access means that the organization will have the use of these facilities without the cost of buying one, thus provide an effective recruiting tool for bright, young PHD's who require this kind of resource. 4. Initial Implementation and Startup Phase Once the institution decides to connect to the Internet, several tasks should get underway. In rough terms, the tasks relate to policy, process definition, education, promotion, technical and fiscal issues. Several of these tasks should be addressed simultaneously. 4.1 Policy Issues The campus community should develop guidelines for acceptable use of the network. These guidelines not only include policies governing the use of the campus net, but now extend to guidelines for the appropriate use of the Internet as well. Appropriate use policy must include policies developed by the Internet community. NSF has an acceptable use policy which applies to use of the backbone networks they provide. See Appendix B. Each of the mid-level networks as well as other organizations with their own backbone networks have their own acceptable use policy, which may not be the same as that of NSF's. It is important to be aware of the limitations or lack of limitations when connecting and using various networks. The development of an acceptable use policy, in addition to providing protection to the institution provides an excellent opportunity to develop campus guidelines for privacy and security issues for computing in general. Guidelines about data available on the network and the proper use of that data and how data may be properly used and who may properly use it, issues of copyright and attribution requirements of FTP-able documents; all these topics should be considered. Ethical guidelines concerning the use and possible misuse of software and data banks available over the Internet must be carefully developed and published across the institution and in the hands of faculty, staff, and students. Considerable work has already been expended in developing several good references which can be used to guide the development of these policies. See FYI 8, RFC 1244, "Site Security Handbook" [1]. NETTF [Page 10] RFC 1359 Connecting to the Internet August 1992 In order to maximize usage for the entire Internet community, the campus community must learn proper etiquette in the use of the network, including such issues as the management of large files, data compression, and the efficient use of electronic mail. See RFC 1087, "Ethics and the Internet" [2]. 4.2 Connection to the Mid-level Network By this time, the organization should have decided what type of connection they want and with which service provider they will be working. There are specific technical details which must be addressed in the initial deployment of the connection. There is the evaluation of hardware and software. The mid-level network or institution providing the connection is often an excellent resource to complement the on-campus group in determining the best configuration. It is vital to understand before this time exactly what items the organization will be required to purchase or that will be provided at part of a fee-based service. (Refer back to the sample set of questions.) 4.3 IP Addresses and Domain Names Every organization connecting to the network must have a unique identifier. This identifier is known as the campus IP network address. In addition to a numerical identifier, most organizations also get what is known as a domain name. It is through the numerical address and the domain name that the organization's hosts will become know throughout the Internet. An organization must register with the authority that assigns a IP addresses and for a domain name. The IP address is assigned by the Internet Address Naming Authority (IANA). The Domain Name is picked by the organization. A domain name is simply a character string that maps to the IP address. It makes it easier for humans to remember than a unique set of numbers. It is beyond the scope of this document to include a tutorial on IP addresses and domain names. For more information on IP addresses and domain names, refer to Doug Comer's textbook, "Internetworking with TCP/IP: Principles, Protocols, and Architectures" [3]. (See also FYI 5, RFC 1178, "Choosing a Name for Your Computer" [4].) There are different classes of Internet addresses, which correspond to the number of hosts an organization anticipates connecting to its networks. Thus the campus should carefully consider the planned growth of its own network in applying for the appropriate class of membership. The IP service provider is an excellent source of advice in choosing a membership class. NETTF [Page 11] RFC 1359 Connecting to the Internet August 1992 At this time, there is no cost associated with registration for IP addresses or domain names. The actual procedure for applying for the IP address and domain name should be explained and is often provided to the connecting organization by the IP service provider. 4.4 Technical Issues The installation itself should occur with with as little disruption to the campus network as possible. To accomplish a such deployment, the organization should develop a complete plan of action, which would include the following steps (some may be simultaneous; some may be done by the service provider; the list is not exhaustive): a) order, install, test circuit or phone line b) IP address and domain name registration c) hardware purchasing/delivery d) routing configurations/reconfig campus network e) bring up router, test end-to-end connectivity f) make available to campus 4.5 Support Perhaps the most challenging task in the initial deployment of the Internet connection is the resulting reorientation of network technical and network information services. There are added responsibilities for network management as well as added network information services to support the connection. Cognizant administrators must recognize, plan and budget for these added tasks. Administration must also ensure that there is a clear delineation of duties among technical and network information services staff to avoid needless duplication of effort or conflict. Concurrent with the deployment of the network, the education of the user community is critical. This includes creation of documentation on basic information about the Internet and specific campus resources as well as details on remote resources (library catalogs, information servers, etc) and how to use them. Many organizations have already created excellent documentation that they are willing to share. They generally only require attribution in return for distribution rights (for educational purposes only). NETTF [Page 12] RFC 1359 Connecting to the Internet August 1992 4.6 Training Networking problems experienced by end-users are often the result of mis-information or campus-specific configurations as opposed to problems at the mid-level or backbone. An investment in staff and user training and documentation at the beginning of the network deployment is an investment that will show a clear return in the long term. User training is critical but depending on the size of the campus, it is impossible to expect the support staff to train users on an individual basis. Rather, it's important to consider developing and promoting a hierarchy of support personal, so the central support staff is actually training the trainers who then go out and support their particular group of users. The most critical course taught to users is on local information on the basic functions of the network, electronic mail, file transfer, and remote login. Good documentation will help promote the successful use of the network. Documentation should be clear, concise and to the point. During the training, it is important to address the most commonly asked questions first. 4.7 Promotion A network is only as successful as the users say it is. From the very beginning, the network must be presented to them as a useful tool. Promotion, through newsletters and other appropriate communication vehicles must be considered a required activity. An active promotion strategy will allow an organization to set the expectations of the users in regards to service and performance, especially important for a networking staff that is just learning. Faculty involvement from the very beginning is vital. It is important to gain their support and to build on it. Whether it is through faculty advisory committees or direct contact with individuals, their feedback and support can be a healthy measure of success. 5. Full Production/Maintenance As the campus community incorporates the Internet as part as its usual routine, those responsible for the campus network and the Internet connection must ensure the accessibility, reliability, and relative ease of use of the network. This ongoing maturation of the network constitutes a vital service to the user community. NETTF [Page 13] RFC 1359 Connecting to the Internet August 1992 As the network becomes a crucial tool in the user community's daily routine, so does the interface between the operations, information, and user services staffs and the end users gain in importance. Responding to end-user problems with courtesy and accepting responsibility for resolving the end-user concern (as opposed the actual technical problem) creates a working environment of trust and partnership. 5.1 Operation Services There will be hardware and software support, including updating and maintaining compatible software revisions, planned replacement and maintenance of communications hardware to make use of new technology, and routine network operations center activities. This includes IP number administration, monitoring of the network to determine usage patterns, optimal routing, continuous and accurate updates of known problems as well as trouble shooting problem areas of the campus net. The network staff will have to maintain its campus routing tables. If the site serves as a backbone site, it may have to maintain tables for its designated area. It is important to continue to have a close relationship between the operations staff and the engineering staff. The operations staff must have a quick inroad to engineering to ensure quick responses to the user community as problems are reported. The scope of these technical activities depend upon the size of the campus network and the level of campus responsibility for the Internet connection. The responsibilities grow both in scale and importance as the institution comes to rely on the services of the network and its access to the Internet. 5.2 Information and User Services The education, training and promotion activities associated with the network continue but mature both in scope and the level of network expertise. Documentation efforts continue. Documents are refined and reviewed periodically for accuracy and completeness, but individual consultation will change as network users become more sophisticated and experienced in using the network. As more and more consulting and information services are made available through the network itself, network information staff will likely find themselves increasingly involved in "training the trainers" or in individual consultation and help sessions with faculty and researchers actively involved in collaborative research over the network. Promotion activities must also continue to involve new faculty and staff, to promote and advertise major campus network activities and NETTF [Page 14] RFC 1359 Connecting to the Internet August 1992 projects, and to highlight new services and projects available on the Internet. The continuing effort, which can include a campus newsletter or periodic seminars on network services, is a necessary and crucial part of recruiting new and innovative uses of the Internet, which will act to justify continued development and investment. 6. Evaluation Strategies A system as complex and ubiquitous as the campus data network requires periodic review and evaluation. As the campus network provides the primary access to the larger Internet community, evaluation strategies must include analyses of how and where the Internet is most heavily used and how campus data flows might optimize that traffic. Evaluation of network statistics provide key information on how the network is used and who is using it. In turn, this must lead to assessment mechanisms to gauge user satisfaction with the network and the tools used to make use of the network. At the base level, there are the tools provided within the network protocol itself -- Telnet, FTP, SMTP mail -- that provide fundamental access to the Internet. But as campus use of the network and the Internet matures, the campus network community itself will build on those tools to provide special "campus customized" tools used on the network. Network services should evaluate user needs and, where appropriate, design user friendly interface mechanisms especially suited to special campus area needs. While the use of quantitative methods of evaluation are important, they can not replace qualitative methods. If end-users are unhappy, if problems continue to be reported even though the statistics and technical monitors show few errors, organizations must recognize that serious problems do exist and take immediate action to resolve them. The use of the Internet itself and its impact on campus research and instruction goals must be reviewed and evaluated. The introduction of new technology inevitably involves reorientation and new means of communication. While this should be a benefit to the campus community as a whole, the new technologies may leave some segments of the community disoriented. A careful evaluation of the impact of this new technology should determine not only which areas of campus benefit from Internet participation, but also which areas are not benefitting from the new technology. Planning strategies should include special attention to areas not making use of network resources to make those areas aware of the potential benefits and to provide training in the use of the network. In summary, universities, schools, colleges and institutions in the Internet NETTF [Page 15] RFC 1359 Connecting to the Internet August 1992 community must incorporate a mechanism to evaluate both hidden benefits as well as hidden costs of that participation. 7. Appendix A. Partial List of U.S. IP Service Providers ANS Joel Maloff Vice President - Client Services Advanced Network and Services 2901 Hubbard Rd. Ann Arbor, MI 48105 (313) 663-7610 maloff@nis.ans.net BARRNET William Yundt Pine Hall Rm. 115 Stanford, CA 94305-4122 (415) 723-3104 gd.why@forsythe.stanford.edu Fax: (415) 723-0010 CERFnet Susan Estrada San Diego Supercomputer Center P.O. Box 85608 San Diego, CA 92186-9784 (619) 534-5067 estradas@sdsc.edu Fax: (619) 534-5167 CICnet Michael Staman President ITI Building 2901 Hubbard Drive Pod G Ann Arbor, MI 48105 staman@cic.net (313) 998-6101 Fax: (313) 998-6105 NETTF [Page 16] RFC 1359 Connecting to the Internet August 1992 Colorado Supernet Ken Harmon CSM Computing Center Colorado School Mines 1500 Illinois Golden, Colorado 80401 (303) 273-3471 kharmon@csn.org Fax: (303) 273-3475 CONCERT Joe Ragland CONCERT (Communications for NC Education, Research, and Technology) P.O. Box 12889 3021 Cornwallis Road Research Triangle Park, NC 27709 (919) 248-1404 jrr@concert.net Fax: (919) 248-1405 CREN Jim Conklin EDUCOM 1112 16th Street NW Washington D.C. 20036 (202) 872-4200 conklin@bitnic.bitnet Fax: (202) 872-4318 CSUNET Chris Taylor Manager, Network Technology Office of the Chancellor Information Resources and Technology P.O. Box 3842 Seal Beach, CA 90740-7842 (213) 985-9669 chris@calstate.edu Fax: (213) 985-9400 NETTF [Page 17] RFC 1359 Connecting to the Internet August 1992 JVNCnet Sergio Heker 6 von Neumann Hall Princeton University Princeton, NJ 08544 (609) 258-2411 heker@jvnc.net Fax: (609) 258-2424 LOS NETTOS Ann Cooper USC/Information Sciences Institute 4676 Admiralty Way Marina del Rey, Ca 90292 (310) 822-1511 Fax: (310) 823-6714 Merit Eric Aupperle Merit Network 2200 Bonisteel Blvd. Ann Arbor, MI 48109-2112 (313) 764-9423 ema@merit.edu Fax: (313) 747-3745 MIDnet Dale Finkelson 29 WSEC University of Nebraska Lincoln, NE 68588 (402) 472-5032 dmf@westie.unl.edu Fax: (402) 472-5280 MRNET Dennis Fazio Executive Director The Minnesota Regional Network 511 11th Avenue South, Box 212 Minneapolis, Minnesota 55415 (612) 342-2570 dfazio@MR.NET Fax: (612) 344-1716 NETTF [Page 18] RFC 1359 Connecting to the Internet August 1992 NCAR Joseph H. Choy P.O. Box 3000 Boulder, CO 80307-3000 (303) 497-1222 choy@ncar.ucar.edu Fax: (303) 497-1137 NEARnet John Rugo Accounts Manager BBN Systems and Technologies 10 Moulton Street Cambridge, MA 02138 (617) 873-2935 jrugo@nic.near.net NETILLINOIS Ed Krol University of Illinois Computing Services Office 1304 W. Springfield Urbana, IL 61801 (217) 333-7886 e-krol@uiuc.edu NevadaNet University of Nevada System Computing Services 4505 Maryland Pkwy Las Vegas, NV 89154 (702) 739-3557 NorthWestNet Eric S. Hood Executive Director NorthWestNet 2435 233rd Place NE Redmond, WA 98053 (206) 562-3000 ehood@nwnet.net NETTF [Page 19] RFC 1359 Connecting to the Internet August 1992 NYSERnet Jim Luckett NYSERNET INC 111 College Place Room 3-211 Syracuse, New York 13244 (315) 443-4120 luckett@nysernet.org Fax: (315) 425-7518 OARnet Alison A. Brown Ohio Supercomputer Center 1224 Kinnear Road Columbus, Ohio 43085 (614) 292-9248 alison@osc.edu Fax: (614) 292-7168 Onet Eugene Siciunas 4 Bancroft Ave., Rm. 116 University of Toronto Toronto Ontario M5S 1A1 Canada (416) 978-5058 eugene@vm.utcs.utoronto.ca Fax: (416) 978-6620 PREPnet Thomas W. Bajzek 530 North Neville Street Pittsburgh, PA 15213 (412) 268-7870 twb+@andrew.cmu.edu Fax: (412) 268-7875 PSCnet Eugene F. Hastings, II Pittsburgh Supercomputing Center 4400 5th Avenue Pittsburgh, PA 15213 (412) 268-4960 hastings@psc.edu Fax: (412) 268-5832 NETTF [Page 20] RFC 1359 Connecting to the Internet August 1992 PSINet William L. Schrader President & CEO 11800 Sunrise Valley Drive Suite 1100 Reston, VA 22091 (703) 620-6651 wls@psi.com Fax: (703) 620-4586 SDSCnet E. Paul Love, Jr. San Diego Supercomputer Center P.O. Box 85608 San Diego, CA 92186-9784 (619) 534-5043 loveep@sdsc.edu Fax: (619) 514-5152 Sesquinet Farrell Gerbode Office of Networking and Computing Systems Rice University Houston, TX 77251-1892 (713) 527-4988 farrell@rice.edu FAX: (713) 527-6099 SURAnet Jack Hahn 1353 Computer Science Center University of Maryland College Park, Maryland 20742-2411 (301) 454-5434 hahn@umd5.umd.edu THEnet Tracy LaQuey Parker Computation Center University of Texas Austin, TX 78712 (512) 471-5046 tracy@utexas.edu NETTF [Page 21] RFC 1359 Connecting to the Internet August 1992 VERnet James A. Jokl VERnet Academic Computing Center Gilmer Hall University of Virginia Charlottesville, VA 22903 jaj@boole.acc.virginia.edu Westnet Pat Burns UCC 601 S. Howes, 6th Floor South Colorado State University Fort Collins, CO 80523 (303) 491-7260 pburns@yuma.ACNS.ColoState.EDU Fax: (303) 491-2293 8. Appendix B. NSFNet Backbone Services Acceptable Use Policy THE NSFNET BACKBONE SERVICES ACCEPTABLE USE POLICY - released February 1992 GENERAL PRINCIPLE: (1) NSFNET Backbone services are provided to support open research and education in and among US research and instructional institutions, plus research arms of for-profit firms when engaged in open scholarly communication and research. Use for other purposes is not acceptable. SPECIFICALLY ACCEPTABLE USES: (2) Communication with foreign researchers and educators in connection with research or instruction, as long as any network that the foreign user employs for such communication provides reciprocal access to US researchers and educators. (3) Communication and exchange for professional development, to maintain currency, or to debate issues in a field or subfield of knowledge. (4) Use for disciplinary-society, university-association, government-advisory, or standards activities related to the user's research and instructional activities. NETTF [Page 22] RFC 1359 Connecting to the Internet August 1992 (5) Use in applying for or administering grants or contracts for research or instruction, but not for other fundraising or public relations activities. (6) Any other administrative communications or activities in direct support of research and instruction. (7) Announcements of new products or services for use in research or instruction, but not advertising of any kind. (8) Any traffic originating from a network of another member agency of the Federal Networking Council if the traffic meets the acceptable use policy of that agency. (9) Communication incidental to otherwise acceptable use, except for illegal or specifically unacceptable use. UNACCEPTABLE USES: (10) Use for for-profit activities (consulting for pay, sales or administration of campus stores, sale of tickets to sports events, and so on) or use by for-profit institutions unless covered by the General Principle or as a specifically acceptable use. (11) Extensive use for private or personal business. This statement applies to use of the NSFNET Backbone only. NSF expects that connecting networks will formulate their own use policies. The NSF Division of Networking and Communications Research and Infrastructure will resolve any questions about this Policy or its interpretation. 9. References [1] Holbrook, P., and J. Reynolds, Editors, "Site Security Handbook", FYI 8, RFC 1244, CICNet, USC/Information Sciences Institute, July 1991. [2] Internet Activities Board, "Ethics and the Internet", RFC 1087, IAB, January 1989. [3] Comer, Douglas, "Internetworking with TCP/IP: Principles, Protocols, and Architectures", Second Edition, Prentice Hall, Englewood Cliffs, N.J, 1991. [4] Libes, D., "Choosing a Name for Your Computer", FYI 5, RFC 1178, Integrated Systems Group/NIST, August 1990. NETTF [Page 23] RFC 1359 Connecting to the Internet August 1992 10. Security Considerations Institutions who wish to connect to the Internet should be aware that the Internet network is, by nature, and open network. As such, connecting institutions must make sure that security mechanisms are in force on their own campus network to ensure that unauthorized or inappropriate use of campus resources is not exploited by either the internal campus or by the external Internet community. Moreover, it is incumbent on the institution to ensure that the campus community is aware of the proper use of the Internet. The institution bears the responsibility to educate its users on the appropriate use of campus systems within the context of proper and ethical use of the Internet. An assessment of security on the campus network prior to connecting to the Internet should ensure that all required security patches are installed on all campus connected systems as well as on the campus network. Systems with sensitive data or information should be physically secure as well as up to date with software security patches. In so far as possible, network addressable devices should be secure. Changes to these devices should only be effected by authorized network management personnel to avoid potential security risks. For more information on security issues, refer to FYI 8, RFC 1244, "Site Security Handbook" [1]. In summary, it is only the cooperation and attention of each connecting institution on the Internet to security issues that will ensure the security of the Internet as a whole. 11. Authors' Addresses ACM SIGUCCS Networking Taskforce E-Mail discussion list: nettf@comet.cit.cornell.edu Martyne M. Hallgren, Chairman Cornell University 143 Caldwell Hall Ithaca, NY Phone: (607) 255-5510 EMail: martyne@nr-tech.cit.cornell.edu Jack Pope University of San Diego San Diego, CA NETTF [Page 24] RFC 1359 Connecting to the Internet August 1992 Pat Smith MERIT, Inc. Ann Arbor, MI John Cordani Eastern Michigan University Ypsilanti, MI Steven Sather University of California, Los Angeles Los Angeles, CA Joyce McGowan University of Arkansas Fayetteville, Arkansas