Campus Firewall Services

Introduction

The Firewall Service plan offers a limited number of firewall service protection groups to the campus community. There is no cost to participate in the firewall groups.

Currently, there are two firewall systems located on the entrance and exit points to and from the campus network. Policies implemented on these firewalls protect departmental computers from network traffic that crosses the campus entrance and exit points. For example, firewall protection controls traffic that originated from off-campus, but any traffic that is internal to campus would not cross the firewalls and therefore would not be affected by the firewall rules.

Note that the firewalls at the entrance and exit points of campus will neither isolate nor protect departments from other entities on campus. These firewalls are designed to protect campus systems from off-campus threats.

About the firewall groups

Six standard firewall groups are available. The settings on these groups cannot be customized for individual machines; any computer that is assigned to the group will be subject to the group's settings.

Plan details
Descriptions of the firewall groups available for campus systems, including descriptions of their advantages and disadvantages.

How to participate in the Firewall Service Plan
Instructions on how to select IP address ranges for inclusion in firewall groups and how to apply for firewall group coverage for the selected systems.

Service Level Definition
Information on the hours of service, maintenance times, and other service-related details.

More about firewalls

Mark Notarus' March 9, 1999 presentation discusses the uses of firewalls in a security design. (This presentation is for further background on what firewalls in general can and cannot do for security; however, it does not address the specific campus firewall implementation.)