Data Center and Server Room Standards
The purpose of the Data Center and Server Room Standards is to describe the minimum requirements for designing, installing, securing, monitoring, maintaining, protecting, and decommissioning a data center or server room at the University of Kansas.
University employees (faculty, staff, and student employees), students, and other covered individuals (e.g., University affiliates, vendors, independent contractors, etc.) in their access and usage of University technology resources during the course of conducting University business.
- Physical Plant Layout and Management
- HVAC
- CRAC (Computer Room Air Conditioner) Units:
- Cooling and related equipment must be sized to account for:
- The size of the cooling load of all equipment.
- The size of the cooling load of the building (lighting, power equipment, personnel, building envelope).
- Over sizing to account for humidification effects.
- Over sizing to account for redundancy should a unit fail.
- Over sizing to account for appropriate future growth projections.
- All cooling equipment must be designed, installed, and maintained by qualified technicians that meet local and state codes. All cooling equipment must follow the vendor’s recommended maintenance schedule.
- Air filtration media should be installed at air intake points. Media should be replaced on a regular schedule based on the manufacturer recommended filter lifespan.
- Cooling and related equipment must be sized to account for:
- Humidity/temperature control:
- Humidity and temperature must be maintained at a level that is compliant with the equipment installed on the data center floor.
- Humidity injection units must have separate drains and be fed by conditioned water.
- Cooling towers:
- Units must be maintained by qualified maintenance technicians following factory guidelines.
- Units must be in a secure mechanical yard.
- Units should be designed and installed to eliminate single point of failure.
- Tower restart after power failure must be automatic.
- Towers must have a redundant power source to allow time for a controlled shutdown of supported areas.
- Pump systems:
- Units must be located in a secure mechanical room.
- Units should be designed and installed to eliminate single point of failure.
- Pumps must restart automatically after a power failure.
- Pumps must have an emergency power source to allow time for a controlled shutdown of supported areas.
- Pipe system:
- Pipe must be constructed of high quality rust- and coolant-resistant material.
- Pipe loops must have valves in several locations that allow sections of the loop to be isolated without interruption to the rest of the loop.
- Pipe loops must have isolation valves for each CRAC unit.
- Air delivery and return management:
- Cold air delivery must be managed such that the required amount of air can be delivered to any necessary equipment location.
- Hot air return must be managed to extract air directly to CRAC units without mixing with cold air delivery.
- System monitoring:
- All infrastructure systems supporting machine space services must be monitored on a continual basis.
- Monitoring must be at a central location such as a Network Operations Center.
- Monitoring system must support a master reporting console that can also be accessed remotely (including history logs) and must notify support staff of alarms at central and remote sites.
- CRAC (Computer Room Air Conditioner) Units:
- Electrical Systems
- Main and step down transformers:
- Must be located in a secure mechanical room.
- Must have HVAC systems to support heat load and correct humidity levels for each unit.
- Must be maintained by a qualified technician to factory standards and be supportable by extended factory warranty.
- Main power control panel and PLC (Program Logic Control):
- Must be maintained by a qualified technician to factory standards.
- Must be located in a secure mechanical room.
- Must have HVAC systems to support heat load and correct humidity levels for each unit.
- Must have surge suppression sufficient to prevent large surges from damaging panels and equipment supported by panel.
- PLC must have password security.
- PLC must have UPS (Uninterruptible Power Supply) support for power failure.
- Motor control panels:
- All controls must have automatic restart after power failure.
- Must be maintained by a qualified technician to factory standards.
- Must be located in a secure mechanical room.
- Must have HVAC systems to support heat load and correct humidity levels for each unit.
- UPS systems:
- UPS systems in the data center must be sized to meet current and future needs, with sufficient battery backup to allow for a controlled shutdown of primary servers.
- UPS systems must be designed, installed, and maintained by authorized electricians and technicians and housed in a secure location. UPS systems follow manufacturer’s recommended maintenance schedule.
- UPS systems must have bypass capability to allow for periodic maintenance.
- Backup batteries:
- Must follow manufacture’s recommendations for system to be of sufficient quality and capacity to ensure a long life thus limiting breaks in the battery strings.
- Must be located in secure area with proper ventilation as required.
- Must be installed and maintained by authorized technicians.
- Must be approved for use in computer equipment UPS systems.
- Sub-panels:
- Must be sized to meet current and future needs.
- Must be located in the data center to minimize power runs to desired equipment.
- Panel maps must be maintained to reflect their most current usage.
- Sub-panels must never be opened at the face plate by anyone other than qualified electricians.
- All materials must be at least three feet away from sub-panels.
- RPP (Remote Power Panel) units:
- Must be located to maximize ease of distribution to equipment.
- Must comply with BS/IEC/EN 60439-1.
- Power strips:
- Must be sized to meet the power requirements of the cabinet in which they are installed.
- Power receptacles for power strips must be installed by qualified electricians.
- Monitoring systems must be IP capable.
- Power cable layout:
- The power pathways must maintain a minimum separation from data cable pathway in accordance with ANSI/TIA-469-B Standards and the University of Kansas Design and Construction Standards Division 27 for Telecommunication Systems.
- Equipment power cables should be the minimum required length and slack/strain management must be employed.
- Cables must be arranged to minimize air flow disruptions.
- Grounding systems:
- All data center equipment must be grounded in compliance with state and local codes.
- Data center equipment grounds must be independent of all other building grounds (such as lightning protection systems).
- All metal objects must be bonded to ground including cabinets, racks, PDUs (Power Distribution Units), CRACs, cable pathway, and any raised floor systems.
- Ground resistance should be < 1 Ohm.
- Monitoring system:
- All electrical equipment must be monitored.
- Monitoring systems must be IP capable.
- System must have a central monitoring console located in an area such as a NOC (Network Operations Center) and be remotely accessible.
- System must be able to report alarms at the central and remote consoles by email and send recorded cell phone messages.
- Monitoring system must have analysis and reporting function.
- System must be able to retain log files of equipment performance and incident history.
- Generator management:
- Generator must be start tested and run for at least one hour once a month.
- A full load test and switching test must be conducted at least yearly.
- Maintenance logs must be kept on all tests and reflect all maintenance performed.
- All maintenance must be performed by a qualified technician to factory specifications.
- Management must include remote alarm panel (enunciator panel).
- Maintenance and testing:
- All electrical system components should be regularly inspected.
- Main power switches, transformers, automatic transfer switches, and other major electrical system equipment must be maintained by qualified technicians per factory specifications and recommendations for service cycles.
- Main and step down transformers:
- Access Control and Safety
- Door security:
- Door access control must be maintained 24/7 and should conform to ISO-27001 standards.
- An electronic access control system should be in place and log all access to secure data center areas.
- Access logs should be maintained for a minimum of one year or longer as specified by site security policy.
- Enforcement of strict polices and sign in/out logs is mandatory.
- Review of procedures and sign in/out logs must be done on a regular basis.
- Secured doors must fail open in a fire emergency.
- Video security:
- Allows for local and remote surveillance of secured and public spaces.
- Recording device (tape or hard disk) must be located in a secure area.
- Recording must be done on a regular basis to ensure proper operation of the video security system.
- All security recordings must be saved for no less than 30 days.
- Granting security access:
- Data center locations must have a visitor/non-essential staff access policy.
- Access must only be granted to essential personnel.
- Visitors must be signed in and out and be supervised at all times.
- Visitor logs should be maintained for a minimum of one year or longer as specified by site security.
- Emergency procedures:
- All sites must maintain published emergency procedures that address:
- Emergency contact information
- Various and the respective site’s planned responses
- Ongoing testing and staff awareness
- All sites must maintain published emergency procedures that address:
- Fire alarm and suppression systems:
- Must be designed specifically for use in data centers.
- Must comply with all state and local building codes.
- Suppression systems must be designed to minimize risk of equipment damage.
- Suppression systems must be gas or dry pipe system.
- Suppression system must minimize risk to building occupants.
- Must be maintained by qualified technicians.
- Door security:
- Raised Floor Systems
- Under floor space management:
- Must remain clean and corrosion free.
- Constant air pressure must be maintained at all times.
- Must remain obstruction free for proper air flow.
- Cleaning:
- Must be done with vacuum cleaners equipped with HEPA/S-class filters.
- Must be done on a continual basis.
- Floor structure maintenance:
- Must be corrosion and rust free.
- Damaged pedestals, cross members, tiles, or missing fasteners must be replaced immediately to maintain floor integrity.
- Floor grounding:
- Must be separate from building ground.
- Must comply with all state and local codes.
- Under floor space management:
- Server Cabinet Systems
- Cabinet standards:
- Data center rack enclosures must have 42U vendor neutral mounting rails that are fully adjustable and compatible with all EIA-310 (Electrical Industry Alliance Standards) compliant 19” equipment.
- Cabinets must have access points for power and data pathways at the top and bottom of the cabinet.
- The data center site must have a standardized set of cabinets tailored to the site’s specific needs.
- Cabinet layout:
- The cabinets will be configured in a standard hot aisle cold aisle configuration.
- The cold aisle edge of the equipment enclosures must line up with the edge of the floor tiles.
- Hot and cold aisles must be wide enough to insure adequate access to equipment and safe staff work space.
- In cases where vented floor tiles alone are insufficient to heat load for an area, additional cooling measures will be used.
- Blanking panels will be installed in any unused rack space to minimize cold/hot air mixing.
- Cabinet security:
- All cabinets must be lockable.
- All cabinets must reside in a secure area within the data center.
- Cabinet loading:
- Rack loading must not exceed the weight rated capacity for the location’s raised floor.
- Rack heat load must not exceed the cooling capacity of the location.
- Large servers and equipment must be installed at the bottom of the rack.
- Cabinet standards:
- Cable Plant
- Overhead delivery system cable layout:
- The data room must have a system to support overhead delivery of data connections to the equipment cabinets.
- The data pathways must maintain a minimum separation from high voltage power and lighting in accordance with ANSI/TIA-469-B Standards (American National Standards Institute/Telecommunications Industry Association) and the University of Kansas Design and Construction Standards Division 27 for Telecommunication Systems.
- Fiber standards:
- New fiber installation purchases must be 50 micron OM4 Laser optimized fiber.
- All fiber installations must be labeled and comply with the KUIT Labeling Standard.
- Copper standards:
- Copper jumpers must be CAT6 with Booted RJ45 connectors.
- All copper data cables must be labeled and comply with the KUIT Labeling Standard.
- Grounding:
- All cabinets and cable delivery pathways must be grounded in compliance with the University of Kansas Design and Construction Standards Division 27 for Telecommunication Systems.
- Overhead delivery system cable layout:
- HVAC
- Support Services
- Server Installation
- Power:
- Systems with redundant power supplies must have their power cords plugged into separate power sources.
- Power must be isolated from data cables.
- Power cords must be factory certified.
- Power cords must be clearly labeled and comply with the KUIT Labeling Standard.
- Rack space:
- Heavier equipment must be installed in the bottom half of the rack.
- Equipment must be clearly labeled and comply with the KUIT Labeling Standard.
- Data connections:
- Cable must not exceed required length by more than one foot.
- Must be isolated from the system and rack power delivery system.
- Must be clearly labeled and comply with the KUIT Labeling Standard.
- Fiber connections:
- Fiber must not exceed required length by more than one meter.
- Must be clearly labeled and comply with the KUIT Labeling Standard.
- Must not exceed minimum bend radius as specified by the manufacturer.
- Power:
- Network Layout
- Standard switch layout:
- All networking equipment will be installed by KUIT staff regardless of ownership.
- Switches must be installed in a fashion to minimize the length of data cables required to provision a data connection.
- Highly critical system switch layout and redundancy:
- In the case of highly critical systems where network path redundancy is required, the systems must have redundant data circuits that connect to separate switches.
- Redundant switches must be plugged into separate power strips.
- Standard switch layout:
- Server Removal
- Removal from rack:
- All power, data circuits, management circuits, and fiber connections must be reclaimed and removed.
- All power cords, fiber and copper cables, and management system connection parts must be inspected and returned to inventory if in acceptable condition.
- All management and support software entries must be updated.
- Blanking panels must be installed in the vacated rack space.
- All servers and components must be labeled, inventoried, and properly bundled for delivery to owner or eWaste following established facility procedures.
- Documentation:
- An incident ticket documenting removal must be completed and approved before work begins.
- The asset database and all other records relating to this server must be updated to reflect the change.
- Removal from rack:
- Emergency Response Management
- On call policy:
- A policy must be in place for each Data Center/Server Room defining staff call back requirements.
- Policy will include call back information for all support staff that might be needed to reach a solution.
- Policy will define call back authorization needed to request billable support.
- Emergency procedure maintenance:
- Policies and procedures must be developed to define areas of responsibility, interactions with vendors and other support teams, standard recovery methods, and problem documentation.
- Policies and procedures will be reviewed yearly.
- Policies and procedures will be stored in a central repository in the cloud, which can be accessed remotely.
- Emergency equipment management:
- Response kits must be available to support staff equipment and tool needs for each site.
- Kits will be stored on site in a secure location.
- A master list of all site kits and their locations will be created and a copy kept at each site.
- On call policy:
- Procedure and Policy Development
- Process documentation development:
- Each site will have policies defining roles, responsibilities, and performance standards.
- Each site change will require a review and update of all documentation.
- Site Books will be developed for each site covering all tasks and responsibilities required to support that site. This will include all policies, site standards, and procedures.
- Review, update, and replacement of existing documentation:
- Policies and procedures will be reviewed and updated yearly.
- Each policy and procedure will have an author responsible for maintaining the documents.
- Process documentation development:
- Management of Site Support Tools and Equipment
- Definition of equipment required:
- Each site will create an inventory of support equipment required for that site.
- Each site’s needs will be evaluated to determine if support equipment can be shared between sites.
- Storage, maintenance, and update of equipment:
- Procedures will be developed for maintenance of site equipment.
- Site support equipment needs will be reviewed yearly.
- Each site will have a defined area for storage of site equipment.
- A list of all sites and their equipment will be kept at each site to allow quick location of equipment that can be shifted in case of need.
- Definition of equipment required:
- Server Installation
Exceptions to these standards shall be allowed only if previously approved by the KU Information Technology Security Office and such approval documented and verified by the Chief Information Officer.
Faculty, staff, and student employees who violate these University standards may be subject to disciplinary action for misconduct and/or performance based on the administrative process appropriate to their employment.
Students who violate these University standards may be subject to proceedings for non-academic misconduct based on their student status.
Faculty, staff, student employees, and students may also be subject to the discontinuance of specified information technology services based on standards violation.
Chief Information Officer
Price Computing Center
1001 Sunnyside Avenue
Lawrence, KS 66045
785-864-4999
kucio@ku.edu
The attached standards are designed to represent the baseline to be used by the Data Center and Server Rooms located on the Lawrence campus. While specific-standards organizations are referenced for examples of best practices, it should be noted that site conditions, special requirements, and cost of modification will be taken into consideration when implementing the final configuration of a site. These standards will be regularly reviewed and updated based on new industry standards, new technology, and lessons learned.
These definitions apply to these terms as they are used in this document.
CAT 6: Category 6 cable, commonly referred to as Cat-6, is a cable standard for Gigabit Ethernet and other network protocols that feature more stringent specifications for crosstalk and system noise.
CRAC: Computer room air conditioner
Data Center: A large facility designed to support large numbers of servers in a large conditioned room. Data Centers are usually composed of a large number of racks (25 or more) and are manned 24/7/365.
EMF: Electro magnetic fields
eWaste: Electronic equipment disposal service provided by Information Technology on the KU campus
HEPA/S: High Efficiency Particulate Air filters are used in vacuums cleaners in computer rooms to collect fine dust particles.
Hot/Cold Aisles: A method of arranging computer racks which focuses cold air delivery at the front intake of a rack and expels hot air at the back. Rack rows are arranged so the backs of rows face each other and hot air is collected above the row by a ceiling plenum, which returns the air to the CRAC unit directly. The fronts of the racks face each other in a row that has vented tiles in the raised floor to deliver cold air to the rack fronts from the CRAC units.
HVAC: Heating, ventilation, and air conditioning
IP: Internet Protocol is a term used to indicate a connection to the network.
Level I information: University Information with a high risk of significant financial loss, legal liability, public distrust or harm if this data is disclosed
Level II information: University Information with a moderate requirement for Confidentiality and/or moderate or limited risk of financial loss, legal liability, public distrust, or harm if this data is disclosed.
NOC: Network Operations Center is the location in the Data Center, which is staffed 24/7/365 and monitors and responds to all incidents that affect service availability.
OM4: Fiber optic cable used to support high speed communication in the 10GB range
PDU: Power distribution unit
PLC: Program Logic Control is a computer-based control system used to manage main power distribution switching panels.
Response Kit: A special tool kit used by Floor Space Planning technicians to support services on the Data Center Machine Room Floor.
Server Room: Typically a small conditioned space designed to support computing equipment. These are usually satellite processing centers supporting a specific department and not the entire enterprise. A server room at KU can also be defined as any room containing a server or servers critical to the support and operations of a unit or department and/or contains any Level I or II information as defined by the KU Data Classification and Handling Policy and/or Procedures Guide.
SLA/VRLA: Sealed Lead Acid/Value Regulated Lead Acid are two types of batteries that are used to support Data Center Machine rooms during loss of utility power. They are attached to a UPS system.
University Information: Data collected or managed by the University to support University activities. University Information may include records as well as other data and documents.
UPS: Uninterruptible Power Supply is a system used to condition utility power before it is fed to computer systems and provides power failure ride-thru when the main utility fails. These systems have a battery bank attached, which will provide a set number of minutes of ride-thru time. The UPS monitors the batteries and keeps them at full charge. It reports on power and battery problems.
Standards Organizations:
ANSI: American National Standards Institute
TIA: Telecommunications Industry Association
BS/IEC/EN: British National Standard/International Electrical Commission/European Standards.
The University of Kansas Design and Construction Standards Division 27 for Telecommunication Systems: Campus construction standards
EIA: Electrical Industry Alliance
IEEE: Institute of Electrical and Electronics Engineers
ISO: International Organization for Standardization
10/11/2024: Updated broken link.
02/15/2021: Updated guidelines to align with best practices, approved by CIO; policy formerly approved by Provost.
05/19/2015: Policy formatting cleanup (e.g., bolding, spacing).