Virtual machines

Premise

Ca' Foscari University of Venice (hereafter referred to as the University) offers its teachers, researchers and structures the possibility of using virtual machines (VMs) for professional purposes or for specific projects.

To this end, the Computer Services and Telecommunications Area (hereinafter referred to as ASIT), provides some services such as the selection, implementation and management of the VMs in terms of infrastructure.

All VMs are created using one of the platforms available to the University, additional services such as backup and snapshot and recovery can be agreed with ASIT. The choice of the platform to be used is made exclusively by the ASIT technicians, taking into consideration the requests of the researchers and the type of data that will be processed.

The activation of the service takes place following a request from the interested party or the structure and after a positive evaluation by the Director of ASIT.

For each virtual machine, a person in charge, the owner of the virtual machine, must be identified.

Technical description and responsibilities of the VM owner

The use of a VM is based on the provision of resources to the owner such as computational power, memory and virtual disks, agreed at the time of the request.

The owner can choose the operating system to be installed, as long as it is compatible with the platform adopted. In the absence of specific indications, the virtual machines will be activated in Western Europe.

ASIT undertakes to keep the virtual machine active and to manage the host platform, providing the owner with administrative login details to the operating system and informing him/her of events or problems related to the operating system of which they may become aware.

The owner is responsible for promptly updating the operating system and any software installed.

Under no circumstances may an update of the platform be delayed or omitted. If, after the platform has been updated, the VM has any problems of incompatibility, it will still be the owner's responsibility to update the software with versions that are compatible with the new platform.

Requirement to update systems

The software installed on the servers, including the operating system, has its own life cycle and support. The software developers guarantee updates for a certain number of years, at the end of this period no further updates are released and the system is considered to be in "End of Life". A system that can no longer be updated is to be considered at risk and therefore must be deactivated as soon as possible: in this case, the owner is obliged to migrate his/her active VMs on systems that can be updated and subsequently to then delete the previous VM.

Virtual machine availability

The virtual machine will be associated with a public IP, and a host name that will be used to access the machine. The owner will be responsible for the security and configuration of the operating system and the software installed on it in order to ensure proper operation, availability, and to prevent unauthorized access.

For specific needs and only after ASIT has evaluated the opportunities, it is also possible to provide a dedicated host name on another domain to be associated with the virtual machine.

If, for any reason, a VM contact person is no longer available, the VM will be switched off by ASIT and can only be switched on again by associating it with a new owner.

Regular checks

ASIT may perform regular safety checks on virtual machines.

If the analysis tools detect potential vulnerabilities on the operating system or on the software installed, the owner will be immediately informed and will have to take action to correct them as soon as possible. In the event that, following the report, the vulnerability is not corrected within 3 working days, ASIT may suspend the service immediately and without notice.

Service access

The service can be requested by:

  • lecturers;
  • researchers;
  • University centres and structures;

To access the hosting service, the owner must complete the request using the appropriate procedure on the University website.

The activation of the virtual machine, with the issuing of login details, will take place within 5 working days from the approval of the request.

The user can access the administration of the operating system of the virtual machine, using the details received, through SSH and/or RDP protocols.

Service costs

The costs of the service vary according to the resources required and the periods of use. The

costs are calculated by ASIT and approved by the owner at the start of the project. They may vary during the life of the project if there is a change in the demand. In this case, ASIT will inform the owner of the new cost forecasts.

The costs of the service of virtual machines are among those for which the University, through ASIT, offers coverage of up to €4000 per year, beyond which the owner will be asked to cover the portion of costs in excess of that coverage.

Obligations undertaken by the owner of the virtual machine

The owner is fully responsible for the operation and maintenance of the virtual machine as well as for its contents and any services provided by it.

For example, the owner of the virtual machine must:

  • ensure that the operating system is updated autonomously;
  • ensure that the software installed is updated autonomously;
  • promptly notify ASIT of any anomalies, improper use or faults;
  • resolve any incompatibilities that may arise as a result of routine updates performed on the system by ASIT;
  • update the password every six months;
  • give ASIT prompt and advance notice of prolonged periods of inactivity of the resource;
  • given notice to ASIT in a timely manner that the need for the resource no longer exists.

The contents published by the owner of the VM must be processed in accordance with current copyright law and, in particular, that on intellectual and / or industrial property for third parties. The owner of the VM assumes all responsibility in this regard, and undertakes to indemnify and to release the University from any prejudicial consequence that may arise from use that does not comply with the provisions above.

The owner of the VM guarantees that the services offered will not be used directly or by third parties against public order and ethics, to cause offence or directly or indirectly damage anyone. The virtual machine provided by the University can be used only and exclusively for the purposes agreed upon at the approval of the project, and not as a network disk, that is, as a tool for the simple storage of files and / or material to be downloaded.

The owner of the VM is also responsible for the publication or dissemination through the virtual machine of systems designed to violate or attempt to violate the confidentiality of private messages or aimed at damaging the integrity of other people's resources or to cause anyone damage, directly or indirectly (for example, through the provision of pirated software, cracks, key generators, serials, viruses or other harmful components).

The owner of the VM undertakes:

  • not to use the hosting service to violate, contravene or cause others to contravene in a direct or indirect way the current legislation of the Italian State (by way of example and not limited to, please note the respect of the privacy regulations and the prohibition of the publication of sites relating to gambling, pursuant to the provisions of Law 401/1989 and subsequent amendments and integrations);
  • not to infringe industrial or intellectual property rights against any person;
  • not to harm the image of the University;
  • not to carry out spamming or equivalent actions;
  • not to store sensitive and/or judicial data in the virtual machine without taking the necessary precautions;
  • if the VM is used to process personal or sensitive data: to include the company offering the virtualization platform among the recipients of the data collected in the privacy and consent statements;
  • not to publish websites that contain newspaper content without the written consent of the Rector of the Ca' Foscari University of Venice;
  • not to consider and/or indicate in any case the University as the publisher and/or printer without its written consent;
  • observe the rules of good use of network resources, contained in the document "Netiquette", published on the website of the Italian Naming Authority;
  • Respect the current European and Italian legislation on data privacy.

In the event of a violation of one or more of the above obligations, the University will have the right to suspend the service immediately and without notice. The University does not assume, under any circumstances, any responsibility for information, data, content entered or transmitted and, in any case, processed in the virtual machine, nor is it liable for damage suffered by the owner and / or third parties, directly or indirectly, as a result of the use of the services provided. For all the above cases, the sole responsible party is the owner of the VM.

Reporting faults

Only for the issues that concern:

  • server downtime / fault;
  • disk space used up;
  • necessity to restore any backups;
  • improper use of the site (hacking, spam, etc.)

the owner of the VM can send a request for assistance to ASIT technicians using the University ticketing system (https://apps.unive.it/otrs). Requests for specific services, other than those indicated above, must be made through the ticketing system and will be evaluated on a case-by-case basis.

Last update: 17/11/2020