Take Action


ITS Locations

Help Desk

Teaching Learning Center Room 128
Monday-Friday, 8am-5pm
Phone: (208) 885-4357 (HELP) 


ITS Administration Offices
Administration Building
Room 140
875 Perimeter Drive MS 3155
Moscow, ID 83844-3155
Phone: (208) 885-6721
Fax: (208) 885-7539

Media Center

Teaching Learning Center 131 
Phone: (208) 885-6411
Fax: (208) 885-0566

Records Management

Office of Records Management
Pitman Center (SUB)
Room 53
875 Perimeter Drive MS 4247
Moscow, ID 83844-4247
phone: (208) 885-2580

Current Hours of Operation
Mon: 7:30-4:30pm
Tue: 7:30-11:30am
Wed: 7:30-11:30am
Thur: 7:30-11:30am

Vandal Cards

Pitman Center (SUB)
Room 124
875 Perimeter Drive MS 4256
Moscow, ID 83844-4256
Phone: (208) 885-7522
Fax: (208) 885-9208

Telephone Services

Administration Building 
Room 133
875 Perimeter Drive MS 3155
Moscow, ID 83844-3155
Phone: (208) 885-5800
Fax: (208) 885-7539


Procedures for auditing and moving systems into the Enhanced Security User Network, or ESUN.

System Setup/Prerequisites Audit Phase

1. Clarify system meets the following basic requirements:

Windows Operating System

  • Operating System is Windows Vista SP2, Windows 7, Windows 8 or Windows 8.1
  • Built in or ITS-Approved Firewall is enabled
  • Microsoft update is installed and configured to download/install critical updates daily
  • All current critical updates have been applied
  • Time server is set to time.uidaho.edu (non-AD users)
  • DHCP is enabled (no hardcoded IP addresses)
  • DNS is set to be retrieved via DHCP
  • All network drives are mapped to ITS servers
  • Screensaver configuration to lock console after idle at most 20 minutes and require a password to unlock
  • IPv6 is disabled
  • Vista/7/8 User Account Control is enabled

Mac OS X 10.7 or later

  • Operating system is Mac OS X 10.7 or later
  • Built in or ITS-approved firewall is enabled
  • Updates are performed regularly and products are up to date
  • All current critical updates have been applied
  • DHCP is enabled (no hardcooded IP addresses)
  • DNS is set to be retrieved via DHCP and no static entries
  • All network drives are mapped to ITS servers
  • Screensaver lock is enabled and requires password to unlock
  • IPv6 is disabled

2. Install and configure ITS-managed anti-virus software

3. Install and configure Windows Defender (for Windows only)

4. Perform MBSA analysis (for Windows only)

5. Perform Proventure/Insight analysis (for Windows only)

6. Identify the edge switch to which the system is attached and ensure it is VLAN capable.

7. Verify NMS information is correct - principal userID, department domain, etc

8. Verify the appropriate "managed security" VLAN is trunked to the switch

9. Ask the following questions of the user to make certain we can correct the possible breaks before they happen:
  • Ask if the user is using RDP – if so they need to get a VPN account and install the VPN client on their remote system *or* if on campus move their other machine into the “managed security” networks.
  • Client systems only are to be moved into the networks – absolutely no servers or printers. Thin clients are clients so they are acceptable.
  • If there is no departmental sysad then strongly consider moving them into the AD domain but make sure you copy/configure their profile appropriate. Done properly the user shouldn’t know the difference (except they are using their NetID password).
  • Macs can be moved into the “managed security” networks if they are running OS X 10.6 or newer and meet the OS X equivalent of the above prerequisites (where applicable).
  • Ask if the user uses any service that is IP specific.  If so, take necessary precautions to allow for little downtime for the specific service.
  • Ask if the user’s printer needs moved into the printer network. Verify if we need to move the groups printers into the printer network.

Process to move devices into the ESUN

Please note: this will cause a network outage for the client; make sure you coordinate the MAC and VLAN changes. It is best practice to share your audit spreadsheet with NetTeam and work together port by port to minimize downtime for the customer.

  1. Ask Secondary or NetTeam to move the MAC address into one of the four managed security networks
  2. Have a member of NetTeam move the network port into the appropriate VLAN
  3. Wait 10 minutes for NMS to update the DHCP servers. Since DNS and DHCP configs are built and pushed at approximately the same time, you can use nslookup/dig to determine when this is done.
  4. Reset the network configuration once NMS has been updated.
  5. Verify network connectivity.