SCinet Network Security Policy
The design characteristics that define the SCinet production networks include high bandwidth, low latency, resiliency and scalability. SCinet peers with the Internet Agency and National wide area networks through a series of very high-speed connections. To maximize performance across these interfaces, there are no firewalls. In this regard, the SCinet network is a logical, albeit temporary, extension of the open Internet. Exhibitors and attendees are reminded that, in this potentially hostile environment, network security is a collective responsibility.
Exhibitors who use insecure communication methods are exposing their networks and systems to compromise. The use of insecure applications including TELNET and FTP is strongly discouraged. These applications are subject to compromise because they send passwords to remote hosts in human readable, clear text format. Attendees are strongly encouraged to protect their sessions through a mechanism such as Secure Shell (SSH), where all communication is encrypted. SSH implementations are available for little or no cost and are straightforward to install and use. Each attendee is responsible for ensuring that their communications sessions are protected in accordance with their security requirements.
All IEEE 802.11a, 802.11b and 802.11g wireless networks, including those provided by SCinet, are vulnerable by their very nature. The ease of use that makes them attractive is the same feature that is most easily exploited. Wireless networks are open to unauthorized monitoring or snooping by anyone within range of an access point.
SCinet will monitor traffic on most external network connections as part of routine network performance monitoring activities. In addition, SCinet has a restricted capability to monitor Exhibit floor, wireless network and external network traffic for evidence of security-related activity including compromise or abuse. However, by no means should this coverage be considered a substitute for safe security practices. Please do your part by being cognizant of network security risks and protecting your systems and sessions.