Service Name: Firewall / Network Access Control Change Requests
Information Technology Services (ITS) operates perimeter Internet/CA*net4) and select internal firewall services on behalf of main campus St John's.
So as to best protect the confidentiality, integrity, and availability of main campus IT resources, these resources are by default not accessible from off campus. Units seeking exceptions to this implicit deny perimeter firewall policy should contact the ITSService Desk.
An assessment of the requested access will be conducted by Information Technology Services staff as per Service Catalog entry VULNERABILITY ASSESSMENTS. Provided the proposed change is found to pose no risk to the wider internal community, the requested firewall exception will be made. Otherwise, Information Technology Services will advise the requestor as to what patches, reconfiguration, or other improvements are first needed to secure the service before extending external access.
Client departments running extremely sensitive services may wish (or be required) to firewall their services not just against Internet/C4 access, but against other networks internally. Clients who feel they may have such services should contact Information Technology Services through the Service Catalog entry SECURITY CONSULTING REQUESTS.
Clients needing adjustment of internal firewall mechanisms already in place should contact the Service Desk below.
Who can avail of this service:
- Faculty & staff of the St. John’s campus
Out of Scope:
Firewalls and routers located at
- Grenfell Campus (SWGC)
- Marine Institute (MI)
- Harlow Campus
- Firewall settings are in effect 24 hrs/day, 7 days/week, 365 days/year.
- Firewall/ACL change requests implemented Tuesdays and Thursdays, 10:00-11:00AM
- Three (3) working days for systems not requiring remediation
Processes and Tools:
- New services must undergo and pass a vulnerability assessment before being permitted through the firewall. Please refer to the Service Catalog entry VULNERABILITY ASSESSMENTS for details.
Accountabilities and Key Roles:
- Service Desk provides initial contacts
- IT Security staff perform actual firewall/ACL changes
Key Performance Indicators:
- Total number of firewall/ACL change requests per quarter or year
- Number of successful firewall/ACL change requests per quarter or year.
Revision: February 2014
Service Owner: IT Security Officer, IT Security Group.