CSU Policy: Hosted Virtual Machine Service

Policy Title: Hosted Virtual Machine Service
Category: Information Technology
Owner: Vice President for Information Technology
Policy ID#: 4-1018-016
Contact:
Academic Computing and Networking Services
Web: https://www.acns.colostate.edu/
Phone: 970-491-5133

Also Contact:
Telecommunications
Web: http://telecom.colostate.edu/
Phone: (970) 491-5881
Original Effective Date: 1/17/2012
Last Revision: 7/30/2019

PURPOSE OF THIS POLICY

A virtual machine (VM) is an operating system (OS) or application environment that runs on software (a hypervisor) that imitates dedicated hardware. The end user has the same experience on a virtual machine as they would have on dedicated hardware. Using a VM hosted on an ACNS server can save a CSU department money by avoiding the need to purchase or lease new hardware. The purpose of this policy is to describe the use of hosted VMs at CSU and the responsibilities of each unit involved in providing and using this service in a secure and efficient manner.

APPLICATIONS OF THIS POLICY

This policy applies to all academic and business units and employees of the University that choose to use the Hosted Virtual Machine service.

DEFINITIONS USED IN THIS POLICY

Client Device:  A client device is the requesting program or user in a client/server relationship. For example, the user of a Web browser is effectively making client requests for pages from servers all over the Web. The browser itself is the client in its relationship with the computer that retrieves and returns the requested HTML file. The computer handling the request and sending back the HTML file is the server.

Hosted Virtual Machine: A host-based virtual machine is an instance of an operating system that runs on a centralized server. Access and control are provided to the user by a client device connected over a network. Multiple host-based virtual machines can run on a single server.

Operating System: An operating system (OS) is the program that, after being initially loaded into the computer by a boot program, manages all of the other application programs in a computer. The application programs make use of the operating system by making requests for services through a defined application program interface (API). In addition, users can interact directly with the operating system through a user interface such as a command line or a graphical user interface (GUI).

POLICY STATEMENT

CSU’s Hosted Virtual Machine Service is designed to be a persistent IT service provided to the CSU community by Academic Computing and Networking Services (ACNS). The Service will lease virtual machines (VMs) and file storage to any CSU entity on a cost recovery basis. The cost recovery includes amortization, replacement, and possible expansion of the Service. The goal of the Service is to be self-sustaining in perpetuity.

Hosted VM Service allows the Lessee to amortize the initial capital investment in a physical server and storage hardware over time. The Lessee also avoids such server room investments as power, air conditioning, security, fire suppression, networking hardware, and human resources to attend to all of the above for their continuing operation. Furthermore, the Lessee avoids the backup liability for that server, including the cost of backup hardware, licenses, human resources, and consumables.

POLICY PROVISIONS

Governance and Decision Making

The Service is documented in this and Related Documents. The ITEC Advisory Council (IAC) is responsible for approving all changes to this document and for oversight of the related policy documents. ACNS is responsible for maintaining these documents. Changes to the Service will be communicated to the CSU IT community (through IAC at a minimum) by ACNS. See the Hosted VM Service’s Service Level Agreement.

In the event that a circumstance or issue arises between or among Lessee(s) and ACNS about the use or implementation of the Hosted VM Service that is not adequately addressed in this policy or cannot satisfactorily be settled by mutual agreement among the interested parties, then the Vice President for IT will decide the issue or circumstance.

The effective date for any changes to this policy and related documents will be applicable to all Lessees unless otherwise explicitly stipulated.

General Description of Services Provided

  1. Physical computer, storage and networking resources hosted on enterprise-class hardware, with equipment lifecycle replacement built into the lease amount.
  2. Regular and timely backup of all VMs and data, if Lessee chooses that option. Restoration from those backups is possible only within the published backup retention period.
  3. Patching and upgrades of hardware, host OS and hypervisor will typically occur without service interruption of the guest VMs. If an interruption is required, it will be coordinated and scheduled with the affected Lessee(s).
  4. System administration, including:
  • Proactive review of host system parameters, logs and performance counters to identify and correct existing and potential hardware, host OS and resource problems
  • Timely patches and upgrades necessary to maintain the host virtual environment
  • System performance tuning to optimize Lessee workloads
  • Assign disk space, manage permissions and security groups
  • Coordinate vendor-provided maintenance and support
  • Capacity planning
  • Prioritize capacity and resource needs among leased production, development and test systems
  • Manage and verify the integrity of backups of VMs
  • ACNS will maintain limited and restricted access to host systems, hypervisors, etc. Only authorized personnel will have administrative access to host systems.
  • ACNS will not have administrative access to VM guest operating systems and will strictly adhere to administrative boundaries set between the guest and host operating systems.

(Services may change from time to time by the action of the IAC.)

Terms

Services of the Hosted VM Service are leased under this policy and related documents, including the Service Level Agreement. Services are billed in accordance with institutional conventions. Lessee may request changes in VM configuration at any time. Services used during any part of a month are billed for the entire month. Lessee may cancel a service with 30 days’ advance notice.

Hosted VM Service is a persistent ACNS service, therefore it is not anticipated that the service will be discontinued. If CSU management decides to discontinue this service, ACNS will give the CSU community at least one year’s notice.

Fees

Fees associated with this service are determined and published annually, prior to each fiscal year, based on the cost recovery model and the Business Plan. For more information, see the Campus Cloud website.

Configuration

A basic VM configuration is available. See the CSU Campus Cloud website for more information. Cost is based upon three variable attributes of the VM:

Number and type of configured CPUs:  fixed fee per CPU per year

Amount of configured RAM:  per GB per year

Disk storage:  per GB per storage tier per year

Tiers of storage (high performance, normal performance) may be available at varying costs per GB per year, depending upon the cost of the storage. Backups are optional and alter the cost of disk storage.

Optional long-term storage (data kept beyond the standard retention period):  per GB per year

Costs for the month will be based on the maximum resources allocated to the VM, regardless of the point in the month at which they are allocated.

For detailed descriptions of hardware, storage and VM components of the Service, see the Campus Cloud website.

Disposition of Data

After Lessee has stopped using the Hosted VM Service, ACNS and Lessee will collaborate to ensure the Lessee can retrieve all its Content and Data in a complete and secure format, including schema, definitions, documentation, and attachments in their native formats, up to the normal backup retention period. There will be a fixed charge for this service. More information is available on the Cloud Computing website. After that period, ACNS will allow all copies of this VM and its data to expire and be deleted.

General Description of Backup of VMs and Data, Data Recovery

Periodic data backups will be performed for each leased VM, if Lessee chooses that option. Response times for VM snapshot and file restoration requests (if no Lessee self-service restore capability exists) are detailed in the “Severity Level Response” section of the Hosted VM Service’s Service Level Agreement.

For detailed descriptions of backup operations of the Service, see the Campus Cloud website.

Security and Performance

Virtualization of information resources does not render existing security needs and policies obsolete; as such, the CSU IT Security Policy still applies. For example, ACNS already has the authority to scan any (virtual) system, and to take appropriate action as required “to maintain the integrity and functionality of the University’s IT environment. This may include, but is not limited to, traffic analysis and disabling access to individual or multiple computers” (CSU IT Security Policy, Network Security). Similarly, any virtual system containing sensitive information must be registered with ACNS and is subject to regular, active vulnerability scanning. The Lessee’s administrator of a virtual system shall continuously observe the existing requirements regarding operating system updates, application patching, service isolation, logging, backup, data protection, etc. Finally, where appropriate, host-based software firewalls and anti-virus software should be deployed on a VM in the same way they would be deployed on a physical server; a guest VM is not protected by the hypervisor from attacks against its own OS and applications.

In addition, virtualization introduces other avenues of intentional or inadvertent compromise. The virtualization host and its virtual switching solution represent an additional system to protect, as well as a less visible, less controllable network environment than the physically wired infrastructure (traffic between VMs on the same host may never traverse a physical switch or network monitoring point). ACNS will keep abreast of the evolution of virtualization technologies, and will diligently administer the VM hosts, with the following limitation: applications involved in credit card transactions will not be permitted, due to the difficulty of ensuring adequate segmentation according to the requirements of the Payment Card Industry Data Security Standard (PCI DSS).

Finally, due to the multi-tenant nature of the VM Service, ACNS must also maintain the optimal performance of the Service for the tenant community as a whole. This means ACNS must retain the right to intervene in the operation of an individual VM, up to and including shutting it down, if that VM is materially affecting the ability of the Service to function.

For detailed descriptions of the security policies of the Service, see the Campus Cloud website.

Lessee Responsibilities

  1. Lessee assumes all responsibilities and support for the guest OS, including but not limited to the installation, administration, patching, upgrades, configuration, programming, security, security scans, security compliance, firewalls, network addressing and management, and including any and all installations of software and related components to be used on the guest OS.
  2. Lessee is responsible for installing any host management tools as requested by ACNS.
  3. Lessee is responsible for the compliance of their VM with all applicable CSU security, privacy, IT and other policies and procedures, and with applicable state and federal laws and regulations.
  4. Lessee is responsible for all intrusion detection, AVAS, log inspection and other forms of system integrity tracking, performance monitoring and troubleshooting for the VM.
  5. Lessee assumes all responsibilities for the proper licensing of all software, including the OS installed on the VMs, except where this is expressly arranged otherwise with ACNS because of host OS licensing terms.
  6. Lessee must maintain a contact list with ACNS, consisting of Technical and Fiscal personnel contact information.
  7. Lessee decides which accounts have root or local admin access to the VMs.
  8. LESSEE IS RESPONSIBLE FOR VERY TIMELY PATCHING OF THEIR GUEST OS WITH VENDOR-SUPPLIED FIXES OF SECURITY VULNERABILITIES.

Service Exclusions

  1. Lessee will not be granted physical access to the hardware supporting their VM, or other on-site services not expressly included in this policy or the Service Level Agreement.
  2. ACNS is not responsible for the installation, configuration or management of guest operating systems, but will provide advice and guidance and a library of pre-configured operating systems to facilitate guest OS installation.
  3. ACNS has no obligation to assist in the installation, configuration, or management, or the design or modification of software code or applications, or the support of any of the foregoing, hosted on the VM.
  4. Allowed VM guest operating systems are limited to Linux-based and Microsoft Windows-based, server-class operating systems. Generally, all such operating systems that have mainstream vendor support will be supported. ACNS will not support the installation of a guest OS that is past its vendor-published end of life.
  5. ACNS will not support products that do not meet the CSU Acceptable Use Policy and other applicable University policies.

REFERENCES

CSU Cloud Computing

CSU Acceptable Use Policy

CSU IT Security Policy

FORMS AND TOOLS

Hosted VM Service – Service Level Agreement




The CSU Policy Library is maintained by the Office of Policy and Compliance