Firewalls
A firewall is either a software package installed on a computer or a
piece of hardware installed onto the network to limit network access to
either a single computer or a group of computers. In general, firewalls
are installed to improve the security of the computers behind them.
Firewalls on campus are split into four different categories: those
protecting individual hosts, those which protect groups of computers
providing a single service, departmental firewalls, and firewalls
protecting the campus as a whole.
Firewall Principles
- Firewalls are the most effective when close to the host they are protecting.
- Firewalls are one part of the security of a system. They can be helpful in protecting systems, but are useless if other measures are not also taken.
- Firewalls should interfere minimally with the network.
Firewall Types
- Firewalls Protecting Individual Hosts.
Each host on the University's network should be protected by some sort of individual firewall. - Firewalls Protecting Groups of Computers.
Groups of computers offering a single service can be protected by a single firewall when appropriate. - Firewalls Protecting Entire Departments.
Because of the expense of deploying department-wide firewalls that do not reduce the availability of the network as a whole, departmental firewalls are not offered or allowed. - Firewalls Protecting the Campus at Large.
Firewalls at the University's network gateway are installed to protect the otherwise unprotected. These firewalls block very little traffic and only address the most common of threats.