2.1 – For departments paying for a full rack, can UNM IT limit equipment installed into that rack to equipment owned/operated by the contracting department?
2.1.1- Is NATing of equipment in the rack supported so that we can limit exposure of traffic between web servers and data base servers, for instance?
“Refrain from bypassing or circumventing security (firewall rules);” – I suggest something like “Will engage IT security and IT Networking as appropriate on all proposed changes to security (firewall rules)
2.2.1 – Add “Meet or exceed UNM Data Center Standard requirements for a Tier 4 facility”? If not Tier 4, perhaps you could specify which tier it satisfies.
3.1
More definition of this would be useful “Communicate and deactivate network access for hosts and/or network segments when infection or violation of security policies are identified;”
Where will reports on performance be accessible?
For Scheduled Maintenance, is all Change Management and notification through CAB or are there other venues? are processes for standing maintenance windows, scheduled maintenance, and emergency maintenance requests documented somewhere?
3.2 Is there any training or certification that should be required for qualified personnel?
4.2 Can department owners of racked equipment participate in service exception planning via CAB or some other process?
7 Same question as 4.2 related to input into changes in maintenance windows.