Network Border Firewall Security Policy

Computing devices attached to the campus network are protected by a network firewall that can block unwanted or malicious traffic from the internet. The firewall protections vary according to the firewall policy zone in which a device is placed. All devices are protected by a Baseline policy which blocks the highest severity incoming threats. Other available zones include the Protected zone, which blocks all unsolicited incoming traffic, and a Server zone, which offers high protection appropriate for servers. All zones allow outbound traffic except for a few services that are disallowed by best practice.

All zones are designed to provide protections appropriate for how a device is used. View detailed descriptions of the zones.

In response to an increase in ransomware attacks, the University requires the use of the Virtual Private Network (VPN) for off-campus use of remote access protocols. Remote access protocols are tools, platforms, or services that allow you to virtually access a remote computer (e.g., connecting to a desktop computer on campus from a computer at home). Common examples include SSH, RDP, and VNC. These remote protocols are often entry points for cyberattacks.

VPN software provides additional security, including multi-factor authentication, to protect remote protocols. Resources are available to get started with the University VPN (cVPN).

• For assistance with cVPN software, you can consult the Virtual Private Network (VPN) FAQ or contact the IT Services Service Desk

• For questions about the potential impact of changes on your use of access protocols where the use of a VPN is not an option, please contact Information Security.