ISC Networking and Telecommunications - Service Descriptions
For accounts on the ISC Networking and Telecommunications email servers, there are two levels of service offered - Basic and Enhanced. The service levels are based on the type of security that is used to access the account.
For the current rates for basic and enhanced security accounts, please see our rates page.
Frequently Asked Questions
If an administrator wishes to switch all users in a particular department to one level of Security, please send mail to email@example.com. We will change all existing users in that department to the specified security level, adjust the password state, and set up account management so that any future accounts created for that department are only allowed the specified security level. We would strongly recommend that all users be set up with the proper client software before requesting that a department be restricted to one security level.I'm not in a position to switch my whole department to Enhanced Security but I'd like any new accounts created to default to Enhanced Security, is that possible?
Yes. We can make Enhanced Security the default when a new account is created. Just send mail to firstname.lastname@example.org with your request.If an account is set up for Basic Security, does that mean that the account cannot use a client that is Kerberos compliant?
No. A user who has been assigned Basic Security can still opt to use Kerberos compliant software like Host Explorer or Eudora. The administrator should work with the user and determine if the user can use Kerberos compliant software exclusively and if so, should switch the account to Enhanced Security.Where can I find out more about Kerberos compliant clients?
A list of Kerberos compliant clients is available.If an account is using SSH, does that mean that the account can't use Enhanced Security?
Yes. There is currently no SSH client supported on the campus that also supports Kerberos. If a user wishes to continue to use software like SecureCRT, that account must continue to use Basic Security.If an account is using only Webmail to read email, can that the account be set up to use Enhanced Security?
Yes. Webmail uses the PennKey/PennKey password for authentication and does not send the PennKey password over the network in plain text.The local password for an account is the same as the PennKey password. Doesn't that mean that the account can be set up to use Enhanced security?
No. Even if the local password is the same as the PennKey password, the account still has a local password that is stored on the system and can still use non-Kerberos compliant software. Enhanced Security means that no local password is stored on the system.
Information Systems and Computing
University of Pennsylvania
Comments & Questions