ITS Computing Device Quarantine Block/Unblock Process
ITS monitors campus network traffic on a continuous basis and maintains a policy of quarantining (blocking) computing devices from network access due to security breach(es) or violation(s). To support this policy, ITS maintains the following practices:
- When a virus, spyware, network policy violation(s), or other security concerns are detected on a device using the campus network, the device is quarantined and directed automatically to a campus web page with a quarantine notice and instructions about how to end the quarantine. The device's campus network and service access is limited to the campus website server, http://www.csulb.edu, until the quarantine is lifted.
- ITS records blocked devices using the CSULB Campus Network Blocked Users list on Sharepoint. The blocked user list is constantly updated and should contain specific information about what's infecting a quarantined device. Unfortunately, the quarantine notification web page users see can't display this information to them, and they won't have access to the Sharepoint list. The Sharepoint list is available only to campus helpdesk personnel and department technical coordinators/technicians.
- If a quarantined device is owned by the campus, college or business unit technology coordinators or technicians may need to troubleshoot and clean the device before the quarantine is lifted. If a quarantined device is personally owned by an employee, student, or other authorized network user, the end-user will need to have the device cleaned before the quarantine is lifted. To find a qualified repair technician, ITS recommends users contact their device manufacturer or reseller.
- Reference the CSULB Campus Network Blocked Users list when users contact a campus helpdesk with complaints about being unable to connect to the campus network.
Unblock Request Process
Campus technology coordinators/technicians, THD, ITS, may share CSULB Campus Network Blocked Users notes, if available, with employees and students about malware that may be infecting a device and will work toward lifting a device quarantine as below:
- THD directs users as follows:
- Employees with personally owned devices and students are: a) directed to have the device cleaned by a qualified repair technician and b) contact the THD (x54959) to request a quarantine be lifted after the device is cleaned.
- Employees with campus owned devices are directed to contact the college or business unit technology coordinator or technician for support.
- Technology coordinators/technicians supports users as follows:
- Direct students to contact THD
- If a quarantined device is personally owned by an employee, then direct the employee to contact THD after the device is clean and request quarantine removal.
- Clean a campus-owned device, and then call the THD to request quarantine removal, providing device MAC address and username.
- To lift a quarantine from a cleaned device, THD submits a Footprints service ticket with the following information:
- Subject line: Quarantine Removal (Unblock Request)
- Body of the email should, at minimum, contain the MAC Address and Username
- ITS: a) responds to a Footprints ticket and b) if the device quarantine has been lifted, updates the the CSULB Campus Network Blocked Users list on Sharepoint.
Tags – CSULB Quarantine page: http://www.csulb.edu/quarantine