- iSchool Tech Services will provision the virtual machine for you, and will be responsible for the infrastructure (networking, storage, patching, VM snapshot backup/restoration)
- Users are primarily responsible for the installation and maintenance of custom applications. Tech services will provide support on a "best-effort" basis.
- Security updates will be applied regularly, which may require a reboot of the server or services. If your server needs to maintain constant uptime, reach out to Tech Services for more options.
- Systems/services exposed on the public network are subject to routine vulnerability scans; users are expected to mitigate any detected vulnerabilities in their custom applications.
- If any security issue cannot be directly addressed (i.e. patched, vulnerable service disabled) the system must be moved onto an isolated network and accessed:
- On a university "device tunnel" VPN (staff/faculty university-managed devices)
- Remotely, through a two-factor-protected "jump server" (RDS)
- From a university research lab system (10.230.84.0/24)
- By default, VM's are hosted on an internal, private network. Services are exposed to the internet as needed via Nginx reverse proxy
- Custom domain names and SSL certificates can be provided by Tech Services upon request
|