This information can be made available to CDU staff who are in the market for procuring a new system or application. Either ITMS or the staff member can make this information available to potential vendors to ensure that their system meets our standards.
CDU uses VMWare ESXi virtualisation platform. The current version is VMWare ESXi 5.5 and we have a requirement that any server operating system is supported by this platform.
A full list is available on VMWare's website, and includes most Redhat Linux and Microsoft Windows variants.
Read the VMWare compatibility guide.
Preferred: Windows Server 2012 SP1
Minimum: Windows Server 2008 SP2
Preferred: Red Hat Enterprise Linux 7
Minimum: Red Hat Enterprise Linux 6
CDU provides an Identity Management System that manages LDAP directory membership and authentication services. LDAP is the preferred method for system authentication.
CDU can offer your vendor a range of remote access options to the server including RDP, SSH or FTP. Our preferred method is via RDP or SSH.
Your system and your vendors remote server access must be compliant with CDU protocols, processes and procedures. If the vendor and/or system is not compliant you should flag this immediately as this may have support and cost implications for your new system.
The system owner is responsible for ensuring their vendor has the necessary CDU username and password credentials to obtain remote server access. In the first instance, the system owner should arrange for a CDU account for the individual vendor staff member(s) via eCentre > Forms and Requests > Register a Non Staff Identity and choose Consultant or Visitor from the Partner/Group drop down list.
The CDU system owner becomes the CDU sponsor of the vendor and takes on all responsibility for the vendors actions when remotely logging into the server(s). The system owner and the vendor are expected to comply with CDU Security and Password policies; see System Security and Standards below.
CDU requires that vendors managing applications on behalf of CDU clients conform to the CDU security and password policies. System usernames and passwords not controlled by the CDU Identity Management (IDM) system must conform to the following attributes:
Current University standard password baseline attributes
- Minimum password length: 8 characters
- Password history: 10 previous passwords
- Password age (for system service accounts, this is set to never expire however the account requires reactivation every 12 months to confirm validity)
- Password complexity: complexity enabled
For security reasons, a University password must contain a combination of letters, numerals and non-alphanumeric characters, in both lower and upper case. This is known as password complexity.
Complex passwords enforce the following rules and restrictions:
- Must contain at least one character each from three (3) of the following four (4) categories:
- English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Numbers (0 through 9); and/or
- Non alphanumeric characters (for example, !, $, #, %)
• Can't contain any significant part of your name. e.g. If the user’s name is Fred Nee Blogs they cannot use a password containing Fred, Nee or Blogs (case does not matter)
• Can't contain your username or part thereof (case does not matter)
Password and Security Policies
CDU prefers that any desktop client or desktop interface associated with a client/server system be web browser based. HTML5 is the preferred language to enable the use of the interface across as many browsers as possible.
Web browser based interfaces are generally easier to maintain and enable access from a variety of Operating Systems and devices. If the interface is an installable application, this necessitates further costs due to the requirement for CDU to package the installation files and perform usability testing. It also has ongoing costs associated with any upgrades as this work needs to be done again.
Web based applications that require Java should be avoided due to security and versioning issues.
ITMS requires that all CDU schools and business units implement a maintenance program with their vendor to ensure the ongoing support of the application. The maintenance program should provide for any updates, security patches or general application support.
ITMS has the capability to create and maintain databases using a number of different technologies however the preferred option is Oracle. CDU has invested significant time and money in internal resources to manage the organisations databases. If your Vendor is offering a database of another technology type, you should seek advice from ITMS in the first instance as there may be additional costs to host, manage and maintain the database. This may particularly be in the instance where ITMS needs to seek external support or advice on your behalf.
CDU's preferred database technologies are:
- Microsoft SQL
ITMS has the capability to create and maintain applications using the APEX (Application Express on Oracle) development platform. If you are considering automating a manual process or have identified a need which an online application may suit, then ITMS can provide a level of business analysis to refine the need and further develop an application to cater for that need.
CDU's preferred application development technology is Application Express by Oracle.
These standards must be used to guide the implementation of communications/network based infrastructure implementations in any CDU building projects whether new buildings or refurbishment projects.