The following terms and conditions apply to all network services at Cornell. All terms and conditions are subject to change.
All policies that apply to network service, can be found on the CIT University IT Policies page.
As a user of university resources you are subject to all applicable local, state, and federal laws, as well as all relevant university and CIT policies. University Information Technology policy applies to all wired or Wi-Fi data networking. In short, any activity that is illegal or against policy in physical space is actionable using information technology resources. For further information, see the Responsible Use of Electronic Communications page.
Violations of policy may be prosecuted under the CampusCode of Conduct or the Code of Academic Integrity. Furthermore, because Cornell University’s network is private, CIT may terminate or restrict any person's access to its resources, without prior notice, if such action is necessary to maintain the availability, security, or integrity of university operations, information assets or technology resources.
Internet use at Cornell is subject to network usage-based billing (NUBB). Individuals who exceed the monthly billing threshold will be billed a per Megabyte fee for additional Internet usage. Current NUBB details, fees, and billing thresholds can be found at the NUBB service page.
Additional activation and monthly fees, in addition to usage-based billing, may apply for wired network connections. Locations where additional fees apply include the fraternities, sororities, and co-ops with Cornell wired network service. For current fees and details, see the Wired Network service page.
University policy requires that any computer or other networkable device connected to the Cornell network (wired or Wi-Fi) must be registered to the primary user or administrator’s Cornell NetID. This requirement includes, but is not limited to, game consoles, PDAs, printers, Wi-Fi Access Points (APs) and servers. Visitors without NetIDs must also register their devices.
For users of RedRover and student use of the wired network service, all devices must be configured to automatically receive an IP address from the Cornell network. The use of any IP address other than the assigned address is prohibited. This does not apply to computers or other networkable devices which are located behind a router, network address translation device (NAT), or similar hardware that provides IP addresses which are not part of the Cornell network.
Renewal of registrations is required at least annually. Renewal may be required more frequently, or in response to substantive changes in the terms and conditions.
Users of the Cornell network are responsible for the security of their computer or other networkable device. This responsibility includes using a secure administrator password, installing the latest operating system and web browser security updates, running a client firewall, and maintaining up-to-date driver, anti-virus, and anti-spyware software.
Users are responsible for all network usage and usage-based network charges associated with their computer and/or network connection. This includes, for example, all network traffic originating from off-campus for the purposes of connecting to or downloading from a computer, server, or other network device on the network (such as occurs with file-sharing).
Users who operate servers are additionally required to operate any servers in a secure manner (no anonymous access, maintaining accurate logs, good password protocols, etc.). Servers with inadequate security are often used by hackers to gain access to other campus hosts. Any server involved in a break-in attempt will be disconnected from the campus network immediately.
Users who operate their own Wi-Fi access point (AP), router, NAT, or similar network device are required to understand and abide by additional requirements as detailed in 802.11 Wireless (WiFi) Data Network Operation Requirements. Furthermore, users operating their own Wi-Fi AP are additionally responsible for all network traffic associated with those devices. This includes network traffic which may result from other users connecting via these devices. Users should be particularly cautious of operating their own Wi-Fi AP as these devices can be used by other individuals with Wi-Fi cards to access the network and generate usage charges on the connection belonging to the owner of the Wi-Fi AP. It is the responsibility of the device owner to secure, monitor, and administer their Wi-Fi AP in accordance with the 802.11 Wireless (WiFi) Data Network Operation Requirements. Operators of a Wi-Fi AP will be held responsible for all network usage charges incurred, and may also be held liable for any misuse, including if the Wi-Fi AP is accessed by other individuals. In cases where a personally-operated Wi-Fi AP or other wireless devices conflict with Cornell Wi-Fi or other wireless service, preference will be given to CIT production wireless services.
As a standard business practice, CIT collects data about use of campus services and networks. This is typically "log data," that provides information about the nature of an activity but not its actual content. Note, in particular, that the content of e-mail is not scanned. Log data is an important source of resolving system and network problems, including being able to determine when a campus computer has been attacked.
Data collection is in compliance with University Policy 5.1 Responsible Use of Electronic Communications.
Moreover, the IT Security Office may monitor or scan all campus networks for systems showing signs infection by a worm, virus or Trojan Horse, or other types of intrusion and compromise. Systems displaying serious vulnerabilities or problematic behavior will have their network access restricted or denied until the issue has been resolved.
