Overview
The University firewall service is available to all wired and wireless networks used within Stanford student residences. With this opt-in service, all incoming network connections to Stanford residences pass through a University firewall. Students may set which types of traffic they would like the firewall to filter by choosing between four predefined firewall access levels (detailed below) when they register their computers with Student Technology Support - Residential Network Tool.
- Closed: Recommended for most users. Almost all traffic initiated from outside the residential network is blocked. (As with all four settings, all communication initiated from your computer is allowed or from other computers in your building or neighborhood is allowed.) This is the same result as with the normal settings for the firewalls built into Microsoft Windows and Apple MacOS, which you may already be using. This is the highest-security residential firewall setting.
- Limited Access: Allows the communication necessary to host a website on your personal computer or log in to it remotely (SSH, HTTP, and HTTPS on the standard ports). If you do not require remote access or are not running a website on your personal computer, it is most likely you will not need these ports accessible. As such you should not opt for this setting.
- Server Access: Includes all of the services in the "Limited" profile as well as BitTorrent (6881-6889), Xbox Live (88, 3074), Ventrilo (3875-3875), and a range of open ports (3766-3800) for use with custom services. If you do not require the aforementioned services or ports for your personal computer and/or applications, it is most likely you will not need these ports accessible. As such you should not opt for this setting.
- Full Access: Allows all incoming traffic, providing no protection. If you are running a service not listed above which requires connections initiated from the outside, choose this setting. As this option increases your exposure, please be sure your computer is fully patched, running a software firewall, and utilizes strong passwords.
If you are uncertain which firewall access level is appropriate for you, we recommend you begin by choosing "Closed," being the most secure, which is sufficient for most who simply use their system for browsing the web and checking email and joining Zoom calls. If you determine later that you need a different setting, you can easily change it by updating your registration or asking Student Technology Support for further assistance.
Note that the residential firewall will not conflict with the built-in firewall included in most operating systems (such as Microsoft Windows or MacOS).
Contact Information
For more information, contact: Residential Firewall Team
