1 / 8

Closing SFSU border firewall

Closing SFSU border firewall. Prepared by E.Rayz DoIT Network Services Coordinator February 14, 2012. Topics covered by this presentation. CSU San Francisco Edge Network Design overview Firewall rules - how they work Best practices when closing the borders On-going support overview Q&A.

brian
Download Presentation

Closing SFSU border firewall

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Closing SFSU border firewall Prepared by E.Rayz DoIT Network Services Coordinator February 14, 2012

  2. Topics covered by this presentation • CSU San Francisco Edge Network Design overview • Firewall rules - how they work • Best practices when closing the borders • On-going support overview • Q&A

  3. CSU San Francisco Edge Network Design

  4. Firewall rules - how they work

  5. Best practices when closing the borders • - VPN software available for faculty and staff, also some sponsored contractors • systems administrators are encouraged to use sftp, ssh, and https vsother unencrypted protocols • - systems administrators need to use static ip addresses for servers, and register those ip addresses in dns via e-mail to dns@otrs.sfsu.edu • - requests for justified exceptions will follow an established process and change control procedure, and may take approximately 1 week

  6. On-going support for exemptions requests • The completed “Border FW inbound Port exemption” form should be emailed by authorized Change Control contact to helpdesk@sfsu.edu with a CC to fw-request@sfsu.edu by Thursday, March 1st, 2012. The border firewall closure is scheduled for Thursday, March 15th, 2012 • You will be contacted within 3 business days regarding your request • The following unencrypted and shell access protocols will not be allowed through the firewall except where there is a business justification (e.g. anonymous FTP). End users and administrators are encouraged to use campus VPN for systems needing access via any of the following: • Telnet • FTP • Secure Shell • Remote Desktop

  7. Border firewall inbound port exemption template example:

  8. Q&A • A comprehensive border firewall workshop is scheduled for February 20th 10:30 a.m. – 12 noon, please stay tuned for details on location and full agenda

More Related