This policy establishes the requirements and procedures for maintaining redundant internet connectivity at Misr University for Science and Technology (MUST). The university relies heavily on internet access for academic instruction, research, administrative operations, cloud-based services, and e-learning platforms. Unplanned internet outages can severely disrupt core university functions. This policy ensures that robust, resilient, and continuously available internet connectivity is maintained across all campuses and facilities.

This policy applies to:

• All campus buildings, facilities, and remote sites operated or leased by MUST
• All IT infrastructure components that depend on internet connectivity
• The IT Department and all staff responsible for network operations
• Third-party Internet Service Providers (ISPs) and managed service vendors contracted by MUST
• Any department or unit planning to procure or modify internet connectivity services

MUST is committed to the following connectivity objectives:

• Achieve a minimum internet uptime of 9% across all campus sites
• Ensure that no single point of failure can cause a complete loss of internet access
• Limit unplanned internet outage impact to critical systems to no more than 15 minutes
• Maintain active contracts with a minimum of two independent ISPs at all primary campuses
• Ensure seamless failover with no manual intervention required for Tier 1 sites
• Support all cloud services, LMS platforms, VoIP, video conferencing, and research networks with adequate bandwidth
• Comply with all applicable telecommunications regulations in the Arab Republic of Egypt

5.2  Primary Internet Connection Requirements

• Minimum bandwidth: 1 Gbps for main campus; 500 Mbps for faculty buildings; 100 Mbps for remote sites
• Fiber optic medium preferred; MPLS or dedicated leased lines acceptable
• Connection must terminate at the university’s core router via a separate physical path
• ISP must provide a guaranteed SLA with minimum 9% uptime and 4-hour fault resolution

5.3  Secondary (Failover) Connection Requirements

• Must be provisioned through a different ISP from the primary link
• Must use a physically diverse path (different conduit, exchange point, or medium)
• Minimum bandwidth: 50% of primary link capacity
• Must be live and monitored at all times – not dormant or cold-standby
• Failover must be tested quarterly

5.4 Tertiary Connection (Tier 1 Sites Only)

• May use 4G/5G mobile broadband as a tertiary emergency link
• Intended for emergency access only – not for general traffic load
• Must support critical services: email, VPN, ERP, and emergency communications

6.1  Automatic Failover

All Tier 1 and Tier 2 sites must be configured with automatic failover using one or more of the following technologies:

• BGP (Border Gateway Protocol) for multi-homing across multiple ISPs
• SD-WAN with health-based routing policies that detect packet loss, latency, or jitter above thresholds
• Hot-standby routing with sub-5-second detection and switchover for critical services

6.2 Routing Policies

• Primary link carries all production traffic under normal conditions
• Secondary link is active but in standby routing mode; it receives all traffic upon primary failure
• Load balancing across primary and secondary links is permitted for bandwidth optimization at Tier 1 sites
• QoS (Quality of Service) policies must be configured to prioritize: VoIP, video conferencing, LMS, and ERP traffic over secondary links

6.3 DNS Redundancy

• MUST must operate at minimum two DNS servers hosted with different providers
• DNS TTL (Time to Live) values must be configured appropriately to support rapid failover
• External DNS must resolve correctly regardless of which ISP link is active

7.2 Contract Requirements

• All ISP contracts must be reviewed and approved by the IT Director prior to signing
• Contracts must specify bandwidth guarantees, SLA penalties for downtime, escalation paths, and notice periods
• A minimum contract duration of 12 months is required for primary links
• SLA performance reports must be submitted by ISPs monthly
• Contracts must include a right-to-audit clause allowing MUST to verify performance data

7.3 ISP Performance Review

• ISP performance is reviewed quarterly by the IT Director
• Any ISP failing to meet SLA three consecutive months is subject to contract review or termination
• Alternative ISPs must be evaluated annually to ensure competitive pricing and technology currency

8.1 Continuous Monitoring

• All internet links must be monitored 24/7 using an automated Network Management System (NMS)
• Monitored parameters include: link status (up/down), latency, packet loss, jitter, and throughput utilization
• Monitoring probes must be sent every 30 seconds or less on all active links
• Historical performance data must be retained for a minimum of 12 months

8.3 Alert Escalation

• Warning alerts: Notify on-call IT engineer via email and SMS
• Critical alerts: Notify IT Director, Network Engineer, and NOC team simultaneously
• Unresolved critical alerts after 30 minutes: Escalate to IT Director and VP for Operations

• All internet-facing connections must be protected by a next-generation firewall (NGFW) with active threat intelligence
• BGP peers must be authenticated using MD5 or TCP-AO to prevent route hijacking
• DDoS protection must be active on all primary and secondary links
• Network traffic must be monitored for anomalies using an Intrusion Detection/Prevention System (IDS/IPS)
• All internet connections must pass through centralized security inspection – split tunneling without security inspection is prohibited
• Changes to BGP routing policies or ISP configurations require change management approval

11.2 Incident Response Steps

• Detection: Alert triggered by NMS or reported by user
• Triage: Network Engineer assesses severity within 5 minutes
• Escalation: P1/P2 incidents escalated to IT Director immediately
• ISP Engagement: ISP contacted within 15 minutes for P1 and P2 faults
• Stakeholder Notification: Affected departments notified within 30 minutes for P1 incidents
• Resolution & Documentation: Incident resolved; root cause analysis completed within 48 hours

• Bandwidth utilization on all links must be reviewed monthly
• Link upgrades must be initiated when sustained utilization exceeds 70% over any 30-day period
• An annual capacity plan must be submitted to university management each October
• Future bandwidth projections must account for growth in student enrolment, online learning adoption, and cloud migration
• Emergency bandwidth procurement procedures must be documented and approved in advance

• MUST shall comply with all telecommunications regulations issued by the National Telecommunications Regulatory Authority (NTRA) of Egypt
• All ISPs used must be licensed to operate in the Arab Republic of Egypt
• Internet connectivity must support compliance with Egyptian Cybersecurity law No. 175 of 2018
• Traffic logs must be retained as required by applicable Egyptian laws and MUST data retention policies
• Non-compliance with this policy may result in disciplinary action for staff or contract termination for vendors

This policy shall be reviewed annually by the IT Director and updated to reflect changes in technology, regulatory requirements, campus expansion, or lessons learned from incidents. All amendments require written approval from the University President.