Network Firewall

See the Network Firewall Standard in the University's Information Security policy for specific requirements that you must follow.

Standard and Process

Configuration

Configure the firewall to deny all network traffic and applications by default. Use the appropriate configuration management tools to allow specific network traffic or applications on a case-by-case basis. See the Log Management Standard for firewall log requirements.

User Education

A network firewalling technology (e.g. port or IP address filtering) must be used to help protect the computer systems and networked devices. A network firewall is most often an appliance installed into a network for the purpose of controlling access to hosts or networks.

Documentation

Maintain a general document that classifies applications and traffic and explains why each is needed and how it is used on the devices and network behind the firewall.

Where documentation is required, maintain detailed documentation for the requirements and business justification for each rule. Periodically review the documentation and firewall ruleset to ensure that they are still needed and are correctly implemented. Document all reviews and changes to the firewall ruleset. Follow the appropriate change control process for firewall rule changes.
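
One way to check a ruleset against the Configuration and Documentation requirements above, as an added example that is not part of the University's standard. The export format, rule IDs, addresses, justifications and the 365-day review interval are all assumptions constructed for illustration.

```python
from datetime import date, timedelta

# Constructed sample data in a hypothetical vendor-neutral export format.
DEFAULT_ACTION = "deny"
RULES = [
    {"id": "R1", "action": "allow", "src": "10.20.0.0/16", "dst": "10.30.5.10", "port": "443"},
    {"id": "R2", "action": "allow", "src": "any", "dst": "any", "port": "any"},
    {"id": "R3", "action": "allow", "src": "10.20.4.0/24", "dst": "10.30.5.20", "port": "22"},
    {"id": "R4", "action": "allow", "src": "10.20.0.0/16", "dst": "10.30.5.30", "port": "25"},
]
# Constructed documentation register: rule id -> justification and last review date.
REGISTER = {
    "R1": {"justification": "Staff access to HR web portal", "last_reviewed": date(2014, 9, 1)},
    "R2": {"justification": "", "last_reviewed": date(2014, 9, 1)},
    "R3": {"justification": "Admin SSH from ops subnet", "last_reviewed": date(2012, 1, 15)},
    "R9": {"justification": "Legacy FTP transfer", "last_reviewed": date(2014, 9, 1)},
}

def audit(rules, default_action, register, today, max_age_days=365):
    """Return sorted (rule_id, finding) pairs; max_age_days is an assumed review interval."""
    findings = []
    if default_action != "deny":
        findings.append(("*", "default action is not deny"))
    allow_ids = set()
    for rule in rules:
        if rule["action"] != "allow":
            continue
        rid = rule["id"]
        allow_ids.add(rid)
        # An any/any/any allow rule cancels the default-deny posture.
        if all(rule[k] == "any" for k in ("src", "dst", "port")):
            findings.append((rid, "allow-all rule overrides default deny"))
        doc = register.get(rid)
        if doc is None or not doc["justification"].strip():
            findings.append((rid, "no documented business justification"))
        if doc is not None and today - doc["last_reviewed"] > timedelta(days=max_age_days):
            findings.append((rid, "review overdue"))
    # Register entries with no live rule mean the documentation has drifted.
    for rid in register.keys() - allow_ids:
        findings.append((rid, "documented rule not present in ruleset"))
    return sorted(findings)

if __name__ == "__main__":
    for rid, finding in audit(RULES, DEFAULT_ACTION, REGISTER, date(2014, 11, 1)):
        print(f"{rid}: {finding}")
```

Each finding maps to one requirement: the default action, a justification per rule, a periodic review, and agreement between the documentation and the live ruleset.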

More Information

Document Owner: University Information Security

Document Approvers: Brian Dahlin, Chief Information Security Officer; Patton Fast, University Enterprise Architect

Effective Date: August 2010

Last Reviewed Date: November 2014