NetReg

NetReg Best Practices

Registration & Incident Notification - Overview

Below is a high-level description of the routing of information across NetReg and Sock (and its sensors and scanners), that result in security incident notification. Complete and accurate information input into the system is imperative for information security and to safeguard Protected Data.

Offsite Hosting in NetReg

Offsite hostname registration is available through NetReg.

In NetReg you can:

Getting Started

Overview

NetReg uses distinct sets of security contacts (SCs) to support the various ways network resources are managed on campus.

Network assets (e.g., subnets, IP addresses, devices) are registered to SCs in NetReg to enable the correct routing of security notices.  An SC is a role that is comprised of members. NetReg users who have membership in a security contact have varying levels of access privileges.

SC members may have the ability to:

NetReg is Getting New Functionality

June 24, 2019
Casey Hennig

Beginning August 13, Offsite Hostname requests will move to NetReg.

Create Role

To create a new, primary Department Security Contact (DSC):

  • Click the Request a Department Security Contact link in the left nav bar
  • ISO will conduct an intake process and will create the DSC

To create a Group Security Contact (GSC) within your DSC:

  1. Select 'Group Security Contact' from the left menu bar
  2. Click 'Add Group Security Contact'
  3. Provide information about the new Security Contact and its first member.  Click the 'Help' button for help on specific fields
  4. Click 'Save' to add the GSC

Manage Role

Register or Claim Network Assets:

  • Subnets and individual IP addresses
  • Offsite Hostnames
  • Subdomains
  • CC IP Addresses

Manage Assets

Register or Claim Network Assets in NetReg:

  • Subnets and individual IP addresses
  • Offsite hostnames
  • Subdomains
  • CC IP Addresses

Initially, security contacts and their maintainers, as well as registered IP addresses and subnets, subdomains and off-site hostnames were converted from the previous Security Contact application.

For new registrations and ongoing maintenance of existing registrations:

What are Service Provider Security Contacts and how do they work?

Service Provider Security Contacts (SCs) are a special purpose security contact.  As a service provider, they don't have registered network assets, but they are flagged within NetReg as providing support for another SC.  For example, the Service Provider SC might register devices for the Client SC. Service Provider SCs have "device-based" privileges with the Client SC; they can create, edit and delete devices from the Client SC.

How are security notices routed?

Security notices are routed based upon the most specific registration information available in NetReg.

For example, if an IP address has a registered security contact, the security notice is sent to that contact. If there is no specific IP address registration then the notice is sent to the security contact that claimed the subnet. Notices will also be sent to:

•    the registrant contact role's service provider if any
•    its departmental / parent contact role if any,
•    and any contact roles that have 'CC SC' status for the IP address

Privilege Levels for Security Contact Members

Security Contact Privilege Levels

Security Contact roles can have one of the following privilege levels:   View-only, Device, IP Information, and Admin

View-only

Security Contacts with ‘View-Only’ privilege level can view registered assets, but not alter or make changes to them.

Device

Security Contacts with ‘Device’ privilege level can add or edit device registrations.