Conditions governing the use of the Network Behaviour Analysis Tool (NetBat)

Find out more about the University's Network Behaviour & Analysis Tool (NetBAT) and when and how it can be used.

The University's Systems Security & Network Access & Management Policy outlines controls associated with network monitoring but it does not stipulate specific control requirements or define how potentially sensitive information obtained through monitoring is to be handled.

These Conditions of Usage have been produced following the introduction of the University's Network Behaviour & Analysis Tool (NetBAT). Apart from being a useful tool to analyse network traffic, NetBAT can be used to provide detailed records of specific users' computing activity.

These Conditions of Usage comprise two parts. The first part governs general usage of NetBAT; access to it and its use for network behaviour analysis. The second part concerns its use relating to specific user activities. Staff using NetBAT are required to abide by these Conditions of Usage at all times.

General Usage

  1. User accounts which provide access NetBAT are to be allocated following a defined process within the Network Development Team. All user account applications must be approved (and signed) by a member of the ISS Executive Team, prior to allocation.
  2. Prior to using NetBAT, all users are required to read and sign a copy of this Charter in agreement that they will fully comply with its requirements.
  3. Completed account applications and a signed copy of this Charter are to be filed and retained by the NetBAT System Administrator for each account holder.
  4. Under no circumstances are those holding user accounts are to allow access to NetBAT by non-account holders.
  5. Users of NetBAT are responsible for ensuring that their machine is either locked or logged off before leaving it unattended.
  6. Data produced by NetBAT is to be regarded as confidential and must not be disclosed to those who are not associated with the operation of the University network.
  7. Data is not to be downloaded, exported or printed from NetBAT except specific data relevant to network behaviour investigations.

Accessing Specific User Activity Data

  1. NetBAT may only be used to access individual user activity:
    • with the specific consent of the respective account holder where a user is experiencing network problems but the cause is unknown, or
    • as part of a formal misuse or abuse investigation which has been authorised in accordance with the University's Security Incident & Computer Misuse Policy
  2. Users of NetBAT access individual user activity are personally responsible for ensuring that data displayed on the screen cannot be overlooked by non-account holders (with the exception of those undertaking official investigations).
  3. Data concerning specific user activity may only be divulged to:
    • the individual and those involved in the resolution of the incident or problem in the case of a user experiencing IT/IS problems, or
    • those officially participating in official investigations in the case of alleged of misuse or abuse.
  4. Specific user data is not to be downloaded or exported from NetBAT except that which is relevant to alleged misuse or abuse investigations, where this is required for evidential purposes.
  5. Specific user data is not to be printed from NetBAT unless relevant to official investigations, where this is required for evidential purposes. All printouts relating to alleged misuse or abuse investigations are to be securely destroyed by shredding as soon as they have been used for their intended purpose.