Home page logo

educause logo Educause Security Discussion mailing list archives

SURVEY: Research Institutions / Border Firewalls
From: Chris Green <cmgreen () UAB EDU>
Date: Mon, 12 Feb 2007 17:38:44 -0600

Good day,


In part of proposing campus firewall solutions, we wish to include some
perspective on what other Research Universities are doing for border
firewalls.   Please reply directly to myself and I'll summarize replies
back to the list.  I will remove your identity from your answer if you
request it.


I'm primarily interested in what other research-focused institutions are


1)      Do you require central server registration?

2)      Do you require VPN for off-campus access? 

a.       If Yes, is it:



Bastion Host

3)      Do you have a firewall on your primary internet link?

4)      Do you have a firewall on your I2/Research Links?

5)      Do you use primarily use dark IP addressing?

6)      Is your IT structure centralized or decentralized?

7)      Do you use a web proxy or SOCKS?

8)      What scenario best describes your firewall policy:

a.       "one size fits all"  (such as allow only port 80 and 443

b.       customized in place; Don't have to change the IP address and
any services requested are allowed.

c.       customized DMZ": You can get whatever you want as long as you
move your server into a DMZ.

d.      Other: Please describe

9)      How do you handle folks doing videoconferencing or legitimate
peer-to-peer (BitTorrent Linux downloads)

10)   Are there any things about your setup you would have done
differently with 20-20 hindsight?


Thanks for taking the time to reply 


Chris Green

UAB Data Security, 205-975-0842


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]