The University firewall service is available at no cost to all academic, administrative, and research departments, workgroups, or programs wishing to participate. Clients of this service are typically departments, research groups, or LNAs who have identified network resources that require additional data protection.
The service includes:
- Dedicated firewall support staff to assist LNAs with either the creation of a new firewalled network or the migration of their existing network into the firewall service.
- Processing of firewall rule requests
- 24/7 monitoring of firewalls
- Maintenance of firewalls
The University firewall helps to protect computers on the local network from being compromised by allowing through only necessary in-bound traffic; all other traffic is blocked. The vast majority of users are not affected by having their network migrated behind the firewall, as the firewalls are not configured to block outbound traffic. This means that activities such as checking mail and browsing the Internet are not affected.
Users commonly affected by firewalls are those who do the following:
- Run web, mail, FTP or other services on their local network
- Access their departmental computer remotely from home or while traveling
- Print from the wireless network to a local departmental printer
University IT firewall support staff can assist LNAs and tech support staff in constructing the initial firewall ruleset. To request assistance, please review the available tools and then submit a HelpSU.
In addition to basic firewall services, University IT provides the following options for use in conjunction with your firewalled environment:
- SUNAC — Provides an additional layer of protection at a per workgroup level basis for specific firewall rules.
- NetDB Automation — Provides the ability to enable/disable specific firewall services via NetDB. This option requires use of the departmental firewall template at the time of initial firewall ruleset deployment.
- Load Balancer — Provides the ability to transparently balance application services across multiple systems.