Table of Contents
UNOLS Internet Use Policy
Revision: 2023-01-25
The U.S. Academic Research Fleet has established a consistent fleetwide policy for managing access to limited Internet resource on board UNOLS vessels. This policy aims to facilitate the functional, equitable and fair use of the Internet for all persons on board while ensuring the successful delivery of services necessary for science missions.
The primary purpose of Internet resources provided on board U.S. Academic Research Fleet vessels is:
- In support of the Funded Science Mission
- In support of Vessel Operations
All other uses, including personal use, is permitted on a non-interference basis with the primary purpose and within agreed upon Terms of Service as stated below.
Contact Info
Questions regarding this policy should be sent to: satnag@unols.org
Acceptable Use and Terms of Service
Persons onboard U.S. Academic Research Fleet vessels agree to the UNOLS Internet Use Policy and Acceptable Use and Terms of Service prior to using Internet resources.
In addition to UNOLS policies, institutions operating Academic Research Fleet vessels may have additional terms of service and acceptable use policies.
By using Academic Research Fleet network resources you agree to the terms of service of the UNOLS Internet Use Policy.
Internet availability and capacity is provided with a best effort level of service. There are no guarantees that Internet access will be available at any given time and are not adequate for purposes concerning life and safety.
Cybersecurity
Persons using vessel Internet resources must follow the vessel's cybersecurity policy.
Abuse
Abuse of the UNOLS Internet Use Policy may result in revoking Internet access and reporting abuses to parent institutions.
Accounts
Internet access accounts are allocated on a per-person basis
- Persons are accountable for the use of their accounts
- Sharing account passwords or using another person's account is not permitted
- Attempting to create multiple accounts is not permitted
- Attempting to bypass or exceed allocated quotas is not permitted
- Unauthorized access of network resources is not permitted
Devices
- Internet access is limited to two devices per user at a time, at the discretion of the vessel operator.
- Devices must be patched and updated with an up-to-date vendor supported operating system prior to putting devices on vessel networks. There is insufficient bandwidth to update devices once on vessel networks.
- Devices must have updated virus protection software and/or device firewall protection prior to putting devices on vessel networks
- Out-of-date, or end of life devices and operating systems should not be placed on vessel networks
- Please email exceptions to satnag@unols.org
Monitoring
For the purposes of managing cybersecurity and limited Internet capacity it is necessary to monitor network usage to identify inefficiencies and high resource consumers, and cybersecurity threats.
Captive Portal
A Captive Portal is a means by which users are required to login with a username and password prior to granting Internet access. Captive portal access is the primary mode of Internet access for personal devices brought on board.
- The number of active devices allowed per user may be limited at the operators discretion
- Remember to log off when you are done using the Internet. Background processes can use bandwidth without your knowledge.
Internet Use Quota
- Some operators may limit internet access with daily usage quotas.
- User daily quotas reset at 00:00 UTC each day. It is the users responsibility to manage how they choose to use their quota.
- Some categories of websites or applications may be blocked or bandwidth-limited. Speak to the operator of the vessel if you experience issues with science-related applications or sites.
It is the users responsibility to manage how they choose to use their quota.
Captive Portal Accounts
Captive Portal Accounts are managed by each vessel operator. Please contact the respective vessel operator for Internet access accounts
Exceeding Quotas
If you exceed your daily quota you may still use the Internet at designated kiosks computers.
Kiosks
Vessels commonly have public, science or operational kiosk systems configured with unrestricted Internet access from which users can browse the Internet without impacting personal quotas.
Kiosk and clientless hosts should be limited to ~6 systems per vessel.
Public Kiosk
Shared login computers in open public spaces for use by anyone science or crew on a first come first served basis.
Science Kiosk
Typically a short list of transient science operations systems which are key to the mission and designated by the P.I. for a given cruise with less restricted Internet Access.
Operational Kiosk
Typically these are permanently installed computers on vessels in locations like the bridge, and engineering. Use of operational kiosk for personal Internet Access should be minimized in favor of Captive Portal Access or Public Kiosks.
Blocked Services
Several high bandwidth and/or high risk service may be blocked from Internet access regardless of Captive Portal or Kiosk systems. Some of these systems include:
- Updates for Windows, Apple, and Android Devices
- Cloud Storage and Backups: like Dropbox, iCloud, Crashplan, etc.
- Disruptive services which negatively impact Internet service for science and vessel operations.
Exceptions for Science: Please contact the operating institution for your vessel to coordinate Science mission related video streaming services such as outreach activities.
Frequently Asked Questions
How fast is the Internet onboard vessels?
Bandwidth varies by the class of the research vessel (number of berths). You can expect a minimum of 4Mbps on a global vessel, 2Mbps on an intermediate vessel, and 512kbps on a coastal/local vessel. This is 50x to 200x slower than a typical fiber-optic home internet connection and costs roughly 500x more.
Will my multi-factor authentication work at sea?
Multi-factor Authentication (MFA) is increasingly being used for secure logins. MFA can be problematic on ships using satellite internet. MFA that relies on SMS text-messages or voice calls will not work at sea. MFA that relies on push methods or email verification may or may not work. It is advised to use a offline supported method such as One Time Passcode (e.g. Duo or Authy OTP), or Security Key Devices (Yubikeys, etc). Be advised to test offline MFA methods prior to sailing by placing your mobile device in airplane mode.
I exceeded my quota, when will my quota reset?
Quotas reset at 00:00 UTC, which is typically around 4pm Pacific or 7pm Atlantic.
I exceeded my quota and I need the Internet to get my job done, what should I do?
Find a public Kiosk for Internet access. Or wait until 00:00 UTC for your quota to reset.
I need to download a big file larger than my quota, what can I do?
Use a public Kiosk to download the file.
Who pays for the Internet on Academic Research Fleet vessels?
The National Science Foundation (NSF) and Office of Naval Research (ONR) funds satellite based Internet services for the U.S. Academic Research Fleet.
Who is SatNAG?
SatNAG was formed in 2016 and has been funded and directed to review and advise NSF and ONR for ARF satellite communication considerations, and other technology directions which have broader impacts to the U.S. Academic Research Fleet.