Public IP Addresses

About this requirement

Requirement Contact:

College Information Security & Policy Office

Date of last update:

04/15/2024

Requirement Statement

Systems (servers and workstations) should use the most secure network available that can provide the access to resources required.

Exceptions to Requirement

There are valid reasons for having a server in the public address range.

Collaboration with research projects at other universities (such as MIT)
Providing information to the public on research projects
The need to access public sites for code, patches, or security updates on required software (IU does provide a campus proxy service for private IP resolutions to outside resources for updates and patching. Please work with the College IT Research, Infrastructure, and Support (CITRIS) for further planning and details)

Procedures

Indiana University supports several network topologies:

Public University addresses - published by UITS and registered with ARIN
Non-routed networks 10.x.x.x and 192.168.x.x

Each request for a system is evaluated to determine the access requirements of the requestor. The default IP address is a non-routed network address. The requestor must provide written requirements in a Footprints ticket for access to resources external to IU that would require a public network address. This documentation will be used during audits or policy reviews.

References:

IU KB: Determine who is responsible for a particular IP address or domain