SLAC Computer Security
Search SLAC
Software Use Policies
General Guidelines
Examples of prohibited software: Software running on SLAC systems must be run in a way that does not open SLAC systems to security exposures, or that causes problems to the rest of the community. Software which does not meet these requirements should not be installed unless SLAC Computer Security was consulted first. In addition, if it is found that software is running on the SLAC network that does not meet these requirements the software needs to be removed, or mitigations must be applied after discussions with SLAC Computer Security.
Maintain Computer Software to Retain Connectivity

It is expected that all computers connected to the SLAC network are maintained properly. In the area of software maintenance the following guidelines should help:

Any computer which is not kept up to the minimum standards (either automatically or manually) may be required to be shutdown if it cannot be upgraded, firewalled, or otherwise segregated from the rest of the SLAC network. Contact SLAC Computer Security if this is impossible.

If the documented user and/or administrator cannot be reached and the system is considered readily exploitable then SLAC Computer Security may router block the system. If it is determined the system was online, and exploitable, for too long (time dependent on issues involved) then the system will need to be wiped and re-installed.

The SecurityFocus web site is a good tool for searching for product vulnerabilities.

Operating Systems Allowed to Join to SLAC Active Directory
Only supported versions of the Microsoft Windows operating system are allowed to join the SLAC Active Directory. List of supported operating systems.
Testing New Windows Operating Systems
The standard practice is to install new Windows operating systems on the dev-test network to ensure they do not cause problems with the production Windows infrastructure. We need to ensure to the best of our abilities that the new software will not introduce any harmful security/stability issues to our production systems. For assistance with testing any new Windows software please contact: SCCS Windows Infrastructure Team.

 

Owner: SLAC Computer Security
Last Updated: 07/22/2010
Feedback: Please send to
Computer Security Feedback