Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This is where you should include a description of what your NREN, project or institute does.

This table is for information that may be helpful to include. Any information may be added as you wish, anything you wish to PUBLICLY share with others.

Irrelevant ones may be removed.

Lines may be duplicated to refer to multiple documents.

E.g. you may provide a link to a list of policy documents, or you may provide several lines with links to various policy documents.

You may include any text/explanations you wish.  Please don't include anything here that may be of use to an attacker.

Note that now the WHITE (level 1) and AMBER (level 2 )templates are the same, people choose what they share publicly or privately

You may include any text/explanations you wish. 

Name of NREN/Project/InstituteExample Project Institute Homepage
 Example Intranet
 General OverviewPublic link for
Link to Intranet for
this project or NREN
 Emergency
 Security Emergency contact
 How

How to contact in an emergency

E.g. E-mail(s) or link to instructions

 How to report a security incident Incident reporting e-mail(s) preferably, and/or links to instructions
RFC 2350

 Link to relevant public document if you have one,

or who to contact

Security officer individual e-mail if you wish, some make public, some don't
Data Protection Officer (GDPR)
Hosting Organisation 
Who is in charge of the NREN/Project Could include deputies
ISMLink to ISM for this project, or person to contact if not public
Policy Documents (incl. AUP)Link to policy docs for this project, or person to contact if not public
Software Vulnerability handlingLink to procedure/web, or who to contact
Security MonitoringLink to security monitoring information, if present, or who to contact
Other incident PreventionAny other incident prevention work
Incident handlingIncident handling procedure - if public
Contact information (if public)
, if not who to contact
Any other contact informationAs you wish
Compliance with standardsStandards complied with, including
 ipv4/ipv6 prefixes (more suitable for NRENs or sites than very dist. infrastructures)
Identity information 
 Authorization information 
 Links to blogs, reports, anything you wish. 
 Other functions 
 Individual members (as you wish)
 Projects people work on (if you wish)
People's expertise 
  
  
 
How to report a security incidentCompliance with standards