Firewall Service Plan Details

Because no two departments on campus are the same, several firewall plans are provided to serve a variety of needs. The group model allows departments to benefit from the protection of the firewalls that are already in place at the entrance and exit of the campus network, while also allowing CITES to maintain a manageable and flexible rule set on the campus firewalls.

There are currently six firewall groups available. Two new groups that allow for remote administration were added in February 2005, after consultation with campus network administrators.

Click on a firewall group's name for more details.

Group name	Allows in	Good for
Fully Closed	None (This is the default group)	Desktops
Fully Closed + Remote Administration	Only SSH, Apple, and Windows remote administration ports (22, 3283, 3389, 5900, and 5988)	Desktops
Mostly Closed	Only the most popular services such as web, email, and file transfer. (Port list)	Web/email servers
Mostly Closed + Remote Administration	Popular services such as web, email, and file transfer plus remote administration ports. (Mostly Closed port list + remote administration port list)	Web/email servers
Mostly Open	All except web, mail, and a selected assortment of other services. (Port list)	Other servers
Fully Open	All except ports always blocked at the campus firewall	Special cases