Educause Security Discussion
mailing list archives
Re: SURVEY: Research Institutions / Border Firewalls
From: Vicky Walker <Vwalker () UNT EDU>
Date: Tue, 13 Feb 2007 08:36:07 -0600
I am not responsible for this area of security at UNT.
Chris Green <cmgreen () UAB EDU> 2/12/2007 5:38 PM >>>
In part of proposing campus firewall solutions, we wish to include some perspective on what other Research Universities
are doing for border firewalls. Please reply directly to myself and I’ll summarize replies back to the list. I will
remove your identity from your answer if you request it.
I’m primarily interested in what other research-focused institutions are doing.
1) Do you require central server registration?
2) Do you require VPN for off-campus access?
a. If Yes, is it:
ii. IPSEC VPN
iii. Bastion Host
3) Do you have a firewall on your primary internet link?
4) Do you have a firewall on your I2/Research Links?
5) Do you use primarily use dark IP addressing?
6) Is your IT structure centralized or decentralized?
7) Do you use a web proxy or SOCKS?
8) What scenario best describes your firewall policy:
a. “one size fits all” (such as allow only port 80 and 443 traffic)
b. customized in place; Don’t have to change the IP address and any services requested are allowed.
c. customized DMZ”: You can get whatever you want as long as you move your server into a DMZ.
d. Other: Please describe
9) How do you handle folks doing videoconferencing or legitimate peer-to-peer (BitTorrent Linux downloads)
10) Are there any things about your setup you would have done differently with 20-20 hindsight?
Thanks for taking the time to reply
UAB Data Security, 205-975-0842