Department Firewall

Department of Materials IT staff operate a department firewall which controls all traffic inbound and outbound from the department subnet. The purpose of the firewall is to 
1) prevent exploitation of insecure services (hacking)
2) restrict inbound/outbound traffic from unregistered devices
3) control inbound/outbound access to/from specific services or devices
4) monitor traffic volumes and types

In all the above, care is taken to ensure that legitimate services are not disrupted. All queries should be directed to Department IT staff.

Firewall Policy

General principles:

  • External incoming - blocked on all ports by default with some host-specific exceptions for SSH, HTTP and a few other services.
  • Department Outgoing - only allow registered devices outbound.
  • Firewall monitoring of all traffic including url filtering and decryption where possible.

Firewall exceptions are strongly discouraged however requests will be reviewed on a case-by-case basis by Department IT staff.

The department firewall offers remote access via Materials VPN.