Service Name: Firewall / Network Access Control Change Requests
Computing and Communications operates perimeter (Internet/CA*net4) and select internal firewall services on behalf of main campus St John's.
So as to best protect the confidentiality, integrity, and availability of main campus IT resources, these resources are by default not accessible from off campus. Units seeking exceptions to this implicit deny perimeter firewall policy should contact Computing and Communications via one of the two INITIAL POINT OF CONTACT mechanisms listed below.
An assessment of the requested access will be conducted by Computing and Communications staff as per Service Catalog entry VULNERABILITY ASSESSMENTS. Provided the proposed service is found to pose no risk to the wider internal community, the requested firewall exception will be made; otherwise, Computing and Communications will advise the requestor as to what patches, reconfiguration, or other improvements are needed to bring the service into compliance.
Client departments running extremely sensitive services may wish or be required to firewall their services not just against Internet/C4 access, but against other networks internally. Clients believing they may have such services should contact Computing and Communications as per Service Catalog entry SECURITY CONSULTING REQUESTS.
Clients needing adjustment of internal firewall mechanisms already in place should contact Computing and Communications via one of the two INITIAL POINT OF CONTACT mechanisms listed below.
Who can avail of this service:
- Faculty & staff of the St. John’s campus
Out of Scope:
Firewalls and routers located
- Grenfell Campus (SWGC)
- Marine Institute (MI)
- Harlow Campus
- Firewall settings are in effect 24 hrs/day, 7 days/week, 365 days/year
- Firewall/ACL change requests implemented Tuesdays and Thursdays, 10:00-11:00AM
- Three (3) working days for systems not requiring remediation
Processes and Tools:
- New services must undergo and pass a vulnerability assessment before being permitted through the firewall. Please refer Service Catalog entry VULNERABILITY ASSESSMENTS for details.
Accountabilities and Key Roles:
- Help Desk– initial contacts
- IT Security staff – actual firewall/ACL changes
Key Performance Indicators:
- Total number of firewall/ACL change requests per quarter or year
- Number of successful firewall/ACL change requests per quarter or year
Revision: January 2011
Service Owner: Securiy - Kenneth Forward, IT Security Officer