Service Name: Firewall / Network Access Control Change Requests
Computing and Communications (C&C) operates perimeter (Internet/CA*net4) and select internal firewall services on behalf of main campus St John's.
So as to best protect the confidentiality,
integrity, and availability of main campus IT resources, these resources are by
default not accessible from off campus. Units seeking exceptions to this
implicit deny perimeter firewall policy should contact the C&C’s Service
An assessment of the requested access will be conducted by Computing and Communications staff as per Service Catalog entry VULNERABILITY
ASSESSMENTS. Provided the proposed change is found to pose no risk to the wider internal community, the requested firewall exception will be made. Otherwise, Computing and Communications will advise the requestor as to what patches, reconfiguration, or other improvements are first needed to secure the service before extending external access.
Client departments running extremely sensitive services may wish (or be
required) to firewall their services not just against Internet/C4 access, but against other networks internally. Clients who feel they may have such services should contact Computing and Communications through Service Catalog entry SECURITY CONSULTING REQUESTS.
Clients needing adjustment of internal firewall mechanisms already in place should contact the Service Desk below.
Who can avail of this service:
- Faculty & staff of the St. John’s campus
Out of Scope:
Firewalls and routers located at
- Grenfell Campus (SWGC)
- Marine Institute (MI)
- Harlow Campus
- Firewall settings are in effect 24 hrs/day, 7 days/week, 365 days/year.
- Firewall/ACL change requests implemented Tuesdays and Thursdays, 10:00-11:00AM
- Three (3) working days for systems not requiring remediation
Processes and Tools:
- New services must undergo and pass a vulnerability assessment before being permitted through the firewall. Please refer Service Catalog entry VULNERABILITY ASSESSMENTS for details.
Accountabilities and Key Roles:
- Service Desk provides initial contacts
- IT Security staff perform actual firewall/ACL changes
Key Performance Indicators:
- Total number of firewall/ACL change requests per quarter or year
- Number of successful firewall/ACL change requests per quarter or year.
Revision: February 2014
Service Owner: IT Security Officer, IT Security Group.