Thayer IP Address Policy
Thayer has a limited supply of static IP addresses which can be used under the following policy. To request a static IP address, read the policy and contact Thayer computing services.
Static IP addresses come with some amount of risk. They can expose a server or device to the entire Internet. If the server is compromised, it can be used as a vector to attack other devices within our network. The below policy is designed to protect not only private data on your server, but private data and services for the rest of the Dartmouth community as well.
In order to receive a static IP:
-
The system must be used in accordance with all Dartmouth acceptable use policies.
-
The server or system must provide a service that can not be reasonably achieved by using VPN. “Reasonable” is determined by Thayer School Computing Services. For example, remote shell or remote desktop can be easily used by first connecting to VPN, and then connecting to an on-campus server/system. On the other hand, a web server with a public, non-Dartmouth audience can not be served by VPN and must be exposed to the public Internet.
-
The server must be running an Operating System that is actively getting security updates.
-
There must be an on record, current Thayer community member that is applying security updates in a timely manner.
-
The system must have a current Thayer sponsor (typically a faculty member) on record in case the system’s maintainer leaves or graduates.
-
The system’s location, OS, type of device, sponsor name, and maintainer name must be kept up to date with Thayer School Computing Services.
In order to continue use of a static IP the following steps will be taken:
-
On an annual basis, the IP address will be reviewed:
-
Is the IP/device still being used?
-
Is the requester still affiliated with Dartmouth?
-
Is the device using an OS/firmware that is still supported and getting security updates?
-
Is the requester still maintaining the system by installing security updates?
-
If the device is no longer supported/no longer getting security updates, it must be upgraded, firewalled at the border, or taken offline at the discretion of Thayer School Computing Services.
-
If the requester is no longer present, the sponsor must identify a new maintainer, and have the system brought within compliance.
-
If there is no clear sponsor or requester, the system will be taken offline
-
Server/system access to those without a Dartmouth affiliation should be removed (anyone without a DND account).
-