Students may connect a single computer to the campus network from their residence hall room. Connection instructions are available at the computing Helpdesk. The network connections in student residences are either 10Mb/s or 100 Mb/s Ethernet; an Ethernet network adapter card and RJ45 cable are required to connect. Students desiring network cables longer than 12 feet to accommodate unique room/furniture arrangements should consult with LIS; in some buildings, the length of the in-the-wall wiring limits the permissible length of extension cables. Modem connections from student rooms are not supported: do not attempt to plug a modem into a network jack. Many new computers come with Ethernet cards built in, or cards may be purchased as add-ons.
Network fan-out devices, such as "hubs," to allow students to connect more than one computer to a single network jack, are prohibited without permission from LIS. They can cause serious malfunction of the local network in certain residence halls. Discovery of an unauthorized network hub may result in the disconnection of the student's network jack. Where possible, LIS will activate a second network jack to accommodate students who have more than one computer.
No student computer may be configured as a router or set up with modems and software to permit dial-in access to College networks from off-campus. Students wishing to configure their machines as servers, have fixed IP addresses, or run other operating system software than the conventional Microsoft Windows or Macintosh network client systems must first consult with LIS staff. Incorrectly configured machines can cause serious disruptions of the campus network.
Home networking devices, such as DSL or cable-modem devices, home routers, wireless routers and wireless access points, etc., can cause serious disruption of campus network services. The default, "out of the box" configurations of many of these are such that, if connected directly into the campus network, they can disable network access for an entire subnet. No such device may be connected to the campus network without prior consultation and approval of LIS network management staff. Discovery of unauthorized devices may result in immediate disconnection of network service. If a device is found to be disrupting network services, it will immediately be disconnected from the network while LIS staff members attempt to contact the owner.
Students may NOT register their own domain names with commercial Internet domain registration service providers pointing to computers on the College network. Network services to a student room will be terminated if such activity is discovered.
Communications Infrastructure Maintenance
Improperly configured or malfunctioning computer or communication equipment can seriously degrade the operation of the College's communication networks. It may be necessary for LIS personnel to enter a student room to confirm the location of such a device, and, if necessary, disconnect it from the network until the situation can be resolved. LIS will attempt to contact the student before entering the room, but time-critical situations, where significant network services are impacted, may require entry without prior approval. Students' computers will not be touched without their prior consent; room entry will be only for the purpose of confirming that the misbehaving computer has been properly identified. For the protection of the student, the Department of Public Safety and/or the Commons office will be notified if entry is made without prior approval. Any temporary disconnection will be made in the network equipment closet, without directly handling students' property.
If students request assistance from LIS to repair a problem with their network connection, they may give LIS permission to enter the room and disconnect equipment for testing and troubleshooting in their absence.
Similarly, telephone services personnel may enter student rooms in the residents' absence to effect repairs to voice telephone equipment or infrastructure.
In order to maintain the best possible computing environment for students and faculty, as well as to maintain the stability of the Middlebury College computer network, Library and Information Services (LIS) expects members of the College community to abide by policies and procedures regarding the use of computing resources on campus and the interaction between on-campus resources and the outside world. Although the Internet is a useful tool, malicious users and software programs from outside the College's computer network may negatively affect the experience of network users if not actively dissuaded.
Peer-to-Peer (P2P) traffic is one medium to exchange information over the network. Priority is given to academic and administrative non-P2P traffic both leaving and entering the college's network. Otherwise, P2P traffic would easily consume the college's Internet bandwidth.
Viruses and worms, if allowed on the network, can cause considerable computer system damage and downtime. Attachments of all electronic mail sent through the Middlebury network are scanned automatically by anti-virus programs for malicious content and blocked when found to be infected. To protect the network from the automatic proliferation of worms, all student, faculty, and staff computers must be correctly patched and protected from common threats, as described in the "Responsible Use of Computing and Network Service and Facilities" section of the College Handbook.
LIS reserves the right to block all traffic and services deemed malicious, through the use of firewall rule sets that protect Middlebury's computing resources from the Internet. Firewall policies will not affect or impair the use of the College network, Internet, or off-campus resources by most users. Students, faculty, and staff with systems that require Internet access beyond that granted by our standard rules must submit those systems to a full security review by appropriate LIS personnel. Such systems and any unfiltered systems will also be subject to additional reviews required by LIS. Privileges will be removed from any systems unable to pass a review. Such systems may, by decision of LIS, be restricted from internal network services or protection for the duration of their outside exposure.
With new attacks and vulnerabilities commonly discovered in a wide range of systems, LIS cannot predict what malicious network use may surface. To defend our community against new or emerging network security threats, LIS reserves the right to respond immediately by imposing network restrictions upon any computer system at the College without prior notice.
Standards for Remote Access
Before accessing Middlebury College's network remotely, either via dial-up or Virtual Private Network (VPN), users must ensure that the computer they are using to connect to the Middlebury network is clean of all spyware, malware and viruses, whose existence can be the most direct way of compromising network security and passwords. If spyware, malware or viruses are seen emanating from a computer that is remotely connected, the user's account will be locked until the password is changed and the user's remote access permissions will be revoked until their computer is serviced.
Automated network management and remediation
The campus network employs an automated network management system that forces all unregistered network devices (computers, game consoles – anything that plugs into the network) into a private portion of the campus network. In order to gain access to the College's servers and the Internet, all users must first register their computers (or network aware devices). Part of the registration process involves automatically scanning the user's computer for potential virus risks that could threaten the campus network and other computers on the network; while this scan is passive (and requires no user interaction), if a vulnerability is found, the computer will be automatically placed in a quarantined portion of the network until remediation of the vulnerability occurs. Registered computers are automatically scanned periodically for new vulnerabilities as they are released and, as such, users' computers may be placed in quarantine until appropriate patches are applied.
If a computer is found exhibiting viral or malicious activity it will be placed in an area of the network where it poses no threat to other computers on the network. While LIS network management staff does not inspect data directly, we do employ automated measures to look for signatures of malicious activity that might pose a threat to the campus network and others.
Telephone Services provides all voice services to the College. Faculty and staff are offered local and long distance service and voice mail boxes. Students residing on campus are offered telephone service and voice mail upon request.
[updated January 2010]
Please consult the Telephone Services webpages for service descriptions, how-to guides for the telephone and voice mail systems, prepaid long-distance services for students, and sources for additional information.